CVE-2015-2035

SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://packetstormsecurity.com/files/130432/CMS-Piwigo-2.7.3-Cross-Site-Scripting-SQL-Injection.html	Exploit Third Party Advisory VDB Entry
http://piwigo.org/forum/viewtopic.php?id=25179	Vendor Advisory
http://piwigo.org/releases/2.7.4	Patch Release Notes Vendor Advisory
http://seclists.org/fulldisclosure/2015/Feb/73	Exploit Mailing List Third Party Advisory
http://sroesemann.blogspot.de/2015/01/sroeadv-2015-06.html	Not Applicable
http://sroesemann.blogspot.de/2015/02/report-for-advisory-sroeadv-2015-06.html	Not Applicable
http://www.securityfocus.com/bid/72689

Configurations

Configuration 1 (hide)

cpe:2.3:a:piwigo:piwigo:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-02-20 16:59

Updated : 2023-12-10 11:31

NVD link : CVE-2015-2035

Mitre link : CVE-2015-2035

CVE.ORG link : CVE-2015-2035

JSON object : View

Products Affected

piwigo

piwigo

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2015-2035", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-02-20T16:59:07.397", "references": [{"url": "http://packetstormsecurity.com/files/130432/CMS-Piwigo-2.7.3-Cross-Site-Scripting-SQL-Injection.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://piwigo.org/forum/viewtopic.php?id=25179", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://piwigo.org/releases/2.7.4", "tags": ["Patch", "Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2015/Feb/73", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://sroesemann.blogspot.de/2015/01/sroeadv-2015-06.html", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://sroesemann.blogspot.de/2015/02/report-for-advisory-sroeadv-2015-06.html", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/72689", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en el backend administrativo en Piwigo en versiones anteriores a 2.7.4 permite a administradores remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro user en la p\u00e1gina del historial a admin.php."}], "lastModified": "2016-11-30T03:00:41.517", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:piwigo:piwigo:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2C56A23-6191-4B62-82F3-35527976E603", "versionEndIncluding": "2.7.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}