Vulnerabilities > CVE-2006-1232 - Unspecified vulnerability in Dsportal Dsdownload 1.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN dsportal
exploit available
Summary
Multiple SQL injection vulnerabilities in DSDownload 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) key and (2) category parameters to (a) search.php and (b) downloads.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | DSDownload 1.0 Multiple SQL-Injection Vulnerabilities. CVE-2006-1232 . Webapps exploit for php platform |
| id | EDB-ID:27424 |
| last seen | 2016-02-03 |
| modified | 2006-03-15 |
| published | 2006-03-15 |
| reporter | Aliaksandr Hartsuyeu |
| source | https://www.exploit-db.com/download/27424/ |
| title | DSDownload 1.0 - Multiple SQL-Injection Vulnerabilities |
References
- http://evuln.com/vulns/99/summary.html
- http://evuln.com/vulns/99/summary.html
- http://secunia.com/advisories/19202
- http://secunia.com/advisories/19202
- http://securityreason.com/securityalert/626
- http://securityreason.com/securityalert/626
- http://securitytracker.com/id?1015755
- http://securitytracker.com/id?1015755
- http://www.osvdb.org/23886
- http://www.osvdb.org/23886
- http://www.osvdb.org/23887
- http://www.osvdb.org/23887
- http://www.securityfocus.com/archive/1/428808/100/0/threaded
- http://www.securityfocus.com/archive/1/428808/100/0/threaded
- http://www.securityfocus.com/bid/17116
- http://www.securityfocus.com/bid/17116
- http://www.vupen.com/english/advisories/2006/0934
- http://www.vupen.com/english/advisories/2006/0934
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25193
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25193