PHP Photo Album < 2.0.14 Multiple Vulnerabilities

Nessus Network Monitor Plugin ID 2821 (Severity: High)


The remote web server contains a script that is vulnerable to a SQL injection attack.


The remote host is running Photo Album, a phpBB module that lets users share photo albums over the internet. The installed version is vulnerable to SQL injection through the 'mode' parameter of the album_search.php script: an attacker sends a malformed query to album_search.php which, when processed, lets the attacker read and/or modify data and possibly execute arbitrary code.

Photo Album is also vulnerable to cross-site scripting (XSS) through the 'sid' parameter of the album_cat.php and album_comment.php scripts. To exploit this flaw, an attacker would need to convince a user to browse to a malicious URI; successful exploitation would run attacker-supplied code in the victim's browser, possibly resulting in the loss of confidential data (such as cookies).
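As an added example, not part of the plugin text or of the Photo Album project: a small Python access-log check that flags requests to the scripts and parameters named above, so a defender can look for probing of the two issues while the upgrade is rolled out. The log lines, the /album/ path and the indicator patterns are constructed assumptions; only the script and parameter names come from the description.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Script -> affected parameter, as named in the plugin description.
SQLI_SCRIPTS = {"album_search.php": "mode"}
XSS_SCRIPTS = {"album_cat.php": "sid", "album_comment.php": "sid"}

# Assumed indicators: SQL metacharacters/keywords, and HTML or script markup.
SQLI_RE = re.compile(r"(['\";]|--|/\*|\b(union|select|insert|update|delete|drop)\b)", re.I)
XSS_RE = re.compile(r"(<\s*/?\s*\w+|javascript:|on\w+\s*=)", re.I)

# Request field of a combined-format log line: "GET /path?query HTTP/1.1"
REQ_RE = re.compile(r'"(?:GET|POST)\s+(\S+)\s+HTTP/')


def classify(line):
    """Return 'sqli', 'xss' or None for one access-log line."""
    m = REQ_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    script = url.path.rsplit("/", 1)[-1]
    params = parse_qs(url.query, keep_blank_values=True)
    # parse_qs already URL-decodes once; the extra unquote catches
    # double-encoded values that a naive filter would miss.
    if script in SQLI_SCRIPTS:
        for value in params.get(SQLI_SCRIPTS[script], []):
            if SQLI_RE.search(unquote(value)):
                return "sqli"
    if script in XSS_SCRIPTS:
        for value in params.get(XSS_SCRIPTS[script], []):
            if XSS_RE.search(unquote(value)):
                return "xss"
    return None


def scan(lines):
    """Return [(line_number, verdict)] for every line that trips a check."""
    hits = []
    for number, line in enumerate(lines, 1):
        verdict = classify(line)
        if verdict:
            hits.append((number, verdict))
    return hits


# Constructed sample log lines (not real traffic): one benign and one
# suspicious request per affected script family.
SAMPLE_LOG = [
    '10.0.0.5 - - [13/Apr/2005:10:00:01 +0000] "GET /album/album_search.php?mode=search&search_keywords=cat HTTP/1.1" 200 512',
    '10.0.0.6 - - [13/Apr/2005:10:00:02 +0000] "GET /album/album_search.php?mode=search%27-- HTTP/1.1" 200 900',
    '10.0.0.7 - - [13/Apr/2005:10:00:03 +0000] "GET /album/album_cat.php?cat_id=3&sid=abc123 HTTP/1.1" 200 700',
    '10.0.0.8 - - [13/Apr/2005:10:00:04 +0000] "GET /album/album_comment.php?pic_id=9&sid=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 650',
]

if __name__ == "__main__":
    for number, verdict in scan(SAMPLE_LOG):
        print(f"line {number}: {verdict}")
```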


Upgrade to version 2.0.14 or higher.

Plugin Details

Severity: High

ID: 2821

Family: CGI

Published: 2005/04/13

Modified: 2018/07/11

Dependencies: 1442

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

CVSS v3.0

Base Score: 7.3

Temporal Score: 7.3


Temporal Vector: CVSS3#E:H/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:smartor:photo_album

Reference Information

CVE: CVE-2005-1115

BID: 13157, 13158