Vulnerabilities > CVE-2006-3164 - SQL Injection vulnerability in TPL Design TplShop Category.PHP

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
tpl-design

Summary

SQL injection vulnerability in category.php in TPL Design tplShop 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the first_row parameter.

Vulnerable Configurations

Part Description Count
Application
Tpl_Design
1