Vulnerabilities > CVE-2006-3163 - SQL Injection vulnerability in IMGallery Galeria.PHP

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

imgallery

NVD

Published: 2006-06-22

Updated: 2017-07-20

Summary

Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start or (2) sort parameters.

Vulnerable Configurations

Part	Description	Count
Application	Imgallery Imgallery Imgallery *	1

References

http://pridels0.blogspot.com/2006/06/imgallery-vuln.html
http://secunia.com/advisories/20763
http://securitytracker.com/id?1016349
http://www.attrition.org/pipermail/vim/2006-June/000909.html
http://www.osvdb.org/26695
http://www.securityfocus.com/bid/18566
http://www.vupen.com/english/advisories/2006/2471
https://exchange.xforce.ibmcloud.com/vulnerabilities/27277