Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3163

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3163
Last Modified 07 Mar 2011 09:37:58
Published 22 Jun 2006 06:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3163

Summary

Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start or (2) sort parameters.

Vulnerable Systems

Application

  • Imgallery 2.4


References

VUPEN - ADV-2006-2471

BID - 18566

SECUNIA - 20763

XF - imgallery-galeria-sql-injection(27277)

OSVDB - 26695

VIM - 20060630 IMGallery - "galeria.php" not "galerie.php"

SECTRACK - 1016349

MISC - http://pridels0.blogspot.com/2006/06/imgallery-vuln.html


Last Updated: 27 May 2016 10:42:54