CVSS: 7.5EPSS: 10%CPEs: 3EXPL: 2CVE-2008-1349 – eXV2 Module bamaGalerie 3.03 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-1349
SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter. Vulnerabilidad de inyección SQL de viewcat.php en bamaGalerie (Bama Galerie) 3.03 y 3.041 en los módulos eXV2 2.0.6, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "cid". • https://www.exploit-db.com/exploits/5244 http://packetstormsecurity.org/0804-exploits/runcms11a-sql.txt http://secunia.com/advisories/29359 http://secunia.com/advisories/29362 http://www.securityfocus.com/bid/28229 https://exchange.xforce.ibmcloud.com/vulnerabilities/41188 https://www.exploit-db.com/exploits/5340 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •