Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2157

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2157
Last Modified 22 Oct 2012 12:00:00
Published 03 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2157

Summary

SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, when the level is set to "slideshow". NOTE: This is a different vulnerability than CVE-2005-4246.

Vulnerable Systems

Application

  • Plogger 2.1

  • Plogger 2.1 Beta


References

MISC - http://retrogod.altervista.org/plogger_b21_sql_xpl.html

XF - plogger-gallery-sql-injection(26273)


Last Updated: 27 May 2016 10:42:32