Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2040

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2040
Last Modified 07 Mar 2011 09:34:51
Published 26 Apr 2006 02:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2040

Summary

Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute arbitrary SQL commands via the (1) cat, (2) pic and (3) page parameter in index.php; (4) id parameter in postcard.php; and (5) cat parameter in print.php.

Vulnerable Systems

Application

  • Photokorn 1.53

  • Photokorn 1.542


References

VUPEN - ADV-2006-1525

BID - 17683

BUGTRAQ - 20060425 photokorn 1.53 , 1.542 << Sql

XF - photokorn-multiple-sql-injection(26066)

OSVDB - 24983

OSVDB - 24982

OSVDB - 24981

SREASON - 789

SECUNIA - 19836


Last Updated: 27 May 2016 10:42:18