cpe:/a:brt:copperexport:0.1 cpe:/a:brt:copperexport:0.2 CVE-2005-0697 2005-03-07T00:00:00.000-05:00 2008-09-05T16:47:02.723-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-09T18:08:00.000-04:00 ALLOWS_OTHER_ACCESS SECUNIA 14401 CONFIRM http://www.zzamboni.org/copperexport/ SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters.