CVE-2005-4228

Phpwebgallery < 1.7.2 - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.php, and (5) image_id parameter to picture.php. NOTE: it was later reported that the comments.php/sort_by vector also affects 1.7.2 and earlier.

Exploits (3)

exploitdb WRITEUP VERIFIED

by r0t3d3Vil · textwebappsphp

https://www.exploit-db.com/exploits/26790

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by r0t3d3Vil · textwebappsphp

https://www.exploit-db.com/exploits/26792

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by r0t3d3Vil · textwebappsphp

https://www.exploit-db.com/exploits/26791

View Code ZIP pw:eip

References (7)

[Third Party Advisory] http://pridels0.blogspot.com/2005/12/phpwebgallery-multiple-sql-inj.html

[Vendor Advisory] http://secunia.com/advisories/18019

[Exploit] http://www.securityfocus.com/bid/15837

[Third Party Advisory, VDB Entry] http://www.osvdb.org/21689

[Third Party Advisory, VDB Entry] http://www.osvdb.org/21690

[Third Party Advisory, VDB Entry] http://www.osvdb.org/21691

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/2881

Scores

EPSS 0.0095

EPSS Percentile 76.1%

Classification

CWE

CWE-89

Status draft

Affected Products (20)

phpwebgallery/phpwebgallery < 1.7.2

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

phpwebgallery/phpwebgallery

... and 5 more

Timeline

Published Dec 14, 2005

Tracked Since Feb 18, 2026