Vulnerabilities > CVE-2006-5236 - Unspecified vulnerability in 4Homepages 4Images 1.7.1/1.7.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN 4homepages
exploit available
Summary
SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description 4images 1.7.1 Remote SQL Injection Vulnerability. CVE-2006-5236. Webapps exploit for php platform id EDB-ID:10572 last seen 2016-02-01 modified 2009-12-20 published 2009-12-20 reporter Master Mind source https://www.exploit-db.com/download/10572/ title 4images 1.7.1 - Remote SQL Injection Vulnerability description 4images 1.7.x (search.php) Remote SQL Injection Exploit. CVE-2006-5236. Webapps exploit for php platform file exploits/php/webapps/2487.php id EDB-ID:2487 last seen 2016-01-31 modified 2006-10-08 platform php port published 2006-10-08 reporter Synsta source https://www.exploit-db.com/download/2487/ title 4images 1.7.x - search.php Remote SQL Injection Exploit type webapps
References
- http://w4ck1ng.com/board/showthread.php?t=1037
- http://www.securityfocus.com/bid/20394
- http://secunia.com/advisories/22349
- http://securitytracker.com/id?1017074
- http://securityreason.com/securityalert/1711
- http://www.vupen.com/english/advisories/2006/3974
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29389
- https://www.exploit-db.com/exploits/2487
- http://www.securityfocus.com/archive/1/448022/100/0/threaded