Описание
Multiple SQL injection vulnerabilities in EImagePro allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to subList.asp, (2) SubjectID parameter to imageList.asp, or (3) Pic parameter to view.asp.
Multiple SQL injection vulnerabilities in EImagePro allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to subList.asp, (2) SubjectID parameter to imageList.asp, or (3) Pic parameter to view.asp.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-2300
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26343
- http://downloads.securityfocus.com/vulnerabilities/exploits/eimagepro-xss.txt
- http://secunia.com/advisories/20043
- http://www.osvdb.org/25331
- http://www.osvdb.org/25332
- http://www.osvdb.org/25333
- http://www.securityfocus.com/bid/17911
- http://www.vupen.com/english/advisories/2006/1749
EPSS
Процентиль: 82%
0.01735
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
Multiple SQL injection vulnerabilities in EImagePro allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to subList.asp, (2) SubjectID parameter to imageList.asp, or (3) Pic parameter to view.asp.
EPSS
Процентиль: 82%
0.01735
Низкий