CVE-2005-1114 | Vulnerability Database | Aqua Security

Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters.

Affected Software

Name	Vendor	Start Version	End Version
Phpbb	Phpbb_group	2.0.0 (including)	2.0.0 (including)
Phpbb	Phpbb_group	2.0.1 (including)	2.0.1 (including)
Phpbb	Phpbb_group	2.0.2 (including)	2.0.2 (including)
Phpbb	Phpbb_group	2.0.3 (including)	2.0.3 (including)
Phpbb	Phpbb_group	2.0.4 (including)	2.0.4 (including)
Phpbb	Phpbb_group	2.0.5 (including)	2.0.5 (including)
Phpbb	Phpbb_group	2.0.6 (including)	2.0.6 (including)
Phpbb	Phpbb_group	2.0.6c (including)	2.0.6c (including)
Phpbb	Phpbb_group	2.0.6d (including)	2.0.6d (including)
Phpbb	Phpbb_group	2.0.7 (including)	2.0.7 (including)
Phpbb	Phpbb_group	2.0.7a (including)	2.0.7a (including)
Phpbb	Phpbb_group	2.0.8 (including)	2.0.8 (including)
Phpbb	Phpbb_group	2.0.8a (including)	2.0.8a (including)
Phpbb	Phpbb_group	2.0.9 (including)	2.0.9 (including)
Phpbb	Phpbb_group	2.0.10 (including)	2.0.10 (including)
Phpbb	Phpbb_group	2.0.11 (including)	2.0.11 (including)
Phpbb	Phpbb_group	2.0.12 (including)	2.0.12 (including)
Phpbb	Phpbb_group	2.0.13 (including)	2.0.13 (including)
Photo_album	Smartor	2.0.53 (including)	2.0.53 (including)

References

http://marc.info/?l=bugtraq\u0026m=111343406309969\u0026w=2
http://www.digitalparadox.org/advisories/phpbbp.txt
http://www.osvdb.org/15931
http://www.securityfocus.com/bid/13155
https://exchange.xforce.ibmcloud.com/vulnerabilities/20086
http://marc.info/?l=bugtraq\u0026m=111343406309969\u0026w=2
http://www.digitalparadox.org/advisories/phpbbp.txt
http://www.osvdb.org/15931
http://www.securityfocus.com/bid/13155
https://exchange.xforce.ibmcloud.com/vulnerabilities/20086

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-1114
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html