Vulnerabilities > CVE-2006-6195 - Unspecified vulnerability in Fixit Knowledge Solutions Idms PRO Image Gallery
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN fixit-knowledge-solutions
exploit available
Summary
Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter to (b) showfile.asp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Fixit iDMS Pro Image Gallery showfile.asp fid Parameter SQL Injection. CVE-2006-6195 . Webapps exploit for asp platform id EDB-ID:29179 last seen 2016-02-03 modified 2006-11-24 published 2006-11-24 reporter Aria-Security Team source https://www.exploit-db.com/download/29179/ title Fixit iDms Pro Image Gallery showfile.asp fid Parameter SQL Injection description Fixit iDMS Pro Image Gallery filelist.asp Multiple Parameter SQL Injection. CVE-2006-6195 . Webapps exploit for asp platform id EDB-ID:29178 last seen 2016-02-03 modified 2006-11-24 published 2006-11-24 reporter Aria-Security Team source https://www.exploit-db.com/download/29178/ title Fixit iDms Pro Image Gallery filelist.asp Multiple Parameter SQL Injection
References
- http://securitytracker.com/id?1017281
- http://securitytracker.com/id?1017281
- http://www.aria-security.com/forum/showthread.php?t=39
- http://www.aria-security.com/forum/showthread.php?t=39
- http://www.securityfocus.com/archive/1/452567/100/0/threaded
- http://www.securityfocus.com/archive/1/452567/100/0/threaded
- http://www.securityfocus.com/bid/21282
- http://www.securityfocus.com/bid/21282
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30513
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30513