Vulnerabilities > CVE-2006-6195 - Input Validation vulnerability in Fixit IDMS Pro

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
fixit-knowledge-solutions
exploit available
NVD
Published: 2006-12-01
Updated: 2018-10-17

Summary

Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter to (b) showfile.asp.

Vulnerable Configurations

Part Description Count
Application
Fixit_Knowledge_Solutions
1

Exploit-Db

  • descriptionFixit iDMS Pro Image Gallery showfile.asp fid Parameter SQL Injection. CVE-2006-6195 . Webapps exploit for asp platform
    idEDB-ID:29179
    last seen2016-02-03
    modified2006-11-24
    published2006-11-24
    reporterAria-Security Team
    sourcehttps://www.exploit-db.com/download/29179/
    titleFixit iDms Pro Image Gallery showfile.asp fid Parameter SQL Injection
  • descriptionFixit iDMS Pro Image Gallery filelist.asp Multiple Parameter SQL Injection. CVE-2006-6195 . Webapps exploit for asp platform
    idEDB-ID:29178
    last seen2016-02-03
    modified2006-11-24
    published2006-11-24
    reporterAria-Security Team
    sourcehttps://www.exploit-db.com/download/29178/
    titleFixit iDms Pro Image Gallery filelist.asp Multiple Parameter SQL Injection

References