MidnightBSD

Advisories for smartor

CVE-2005-1114 HIGH

Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
phpbb_group phpbb 2.0.11
phpbb_group phpbb 2.0.2
phpbb_group phpbb 2.0.3
smartor photo_album 2.0.53
phpbb_group phpbb 2.0.7a
phpbb_group phpbb 2.0.8a
phpbb_group phpbb 2.0.6
phpbb_group phpbb 2.0.4
phpbb_group phpbb 2.0.7
phpbb_group phpbb 2.0.8
phpbb_group phpbb 2.0.1
phpbb_group phpbb 2.0.10
phpbb_group phpbb 2.0.13
phpbb_group phpbb 2.0.6d
phpbb_group phpbb 2.0.9
phpbb_group phpbb 2.0.0
phpbb_group phpbb 2.0.12
phpbb_group phpbb 2.0.5
phpbb_group phpbb 2.0.6c
CVE-2005-1115 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
phpbb_group phpbb 2.0.11
phpbb_group phpbb 2.0.2
phpbb_group phpbb 2.0.3
smartor photo_album 2.0.53
phpbb_group phpbb 2.0.7a
phpbb_group phpbb 2.0.8a
phpbb_group phpbb 2.0.6
phpbb_group phpbb 2.0.4
phpbb_group phpbb 2.0.7
phpbb_group phpbb 2.0.8
phpbb_group phpbb 2.0.1
phpbb_group phpbb 2.0.10
phpbb_group phpbb 2.0.13
phpbb_group phpbb 2.0.6d
phpbb_group phpbb 2.0.9
phpbb_group phpbb 2.0.0
phpbb_group phpbb 2.0.12
phpbb_group phpbb 2.0.5
phpbb_group phpbb 2.0.6c