CVE-2006-6247

Опубликовано: 04 дек. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp.

Ссылки

http://securityreason.com/securityalert/1950
http://www.aria-security.com/forum/showthread.php?t=53
Exploit
http://www.securityfocus.com/archive/1/452827/100/0/threaded
http://www.securityfocus.com/archive/1/459187/100/0/threaded
http://www.securityfocus.com/bid/21319
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/30556
http://securityreason.com/securityalert/1950
http://www.aria-security.com/forum/showthread.php?t=53
Exploit
http://www.securityfocus.com/archive/1/452827/100/0/threaded
http://www.securityfocus.com/archive/1/459187/100/0/threaded
http://www.securityfocus.com/bid/21319
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/30556

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:uapplication:uphotogallery:1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03403

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-mfx2-qm46-9g4c

github

почти 4 года назад