Vulnerabilities > CVE-2006-6092 - Unspecified vulnerability in 20 Applications 20 Auto Gallery

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
20-20-applications
exploit available

Summary

Multiple SQL injection vulnerabilities in vehiclelistings.asp in 20/20 Auto Gallery allow remote attackers to execute arbitrary SQL commands via the (1) vehicleID, (2) categoryID_list, (3) sale_type, (4) stock_number, (5) manufacturer, (6) model, (7) vehicleID, (8) year, (9) vin, and (10) listing_price parameters.

Vulnerable Configurations

Part Description Count
Application
20_20_Applications
1

Exploit-Db

description20/20 Auto Gallery 3.2 Multiple SQL Injection Vulnerabilities. CVE-2006-6092. Webapps exploit for asp platform
idEDB-ID:29075
last seen2016-02-03
modified2006-11-17
published2006-11-17
reporterlaurent gaffie
sourcehttps://www.exploit-db.com/download/29075/
title20/20 Auto Gallery 3.2 - Multiple SQL Injection Vulnerabilities