Vulnerabilities > CVE-2006-6195 - Input Validation vulnerability in Fixit IDMS Pro
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter to (b) showfile.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Fixit iDMS Pro Image Gallery showfile.asp fid Parameter SQL Injection. CVE-2006-6195 . Webapps exploit for asp platform id EDB-ID:29179 last seen 2016-02-03 modified 2006-11-24 published 2006-11-24 reporter Aria-Security Team source https://www.exploit-db.com/download/29179/ title Fixit iDms Pro Image Gallery showfile.asp fid Parameter SQL Injection description Fixit iDMS Pro Image Gallery filelist.asp Multiple Parameter SQL Injection. CVE-2006-6195 . Webapps exploit for asp platform id EDB-ID:29178 last seen 2016-02-03 modified 2006-11-24 published 2006-11-24 reporter Aria-Security Team source https://www.exploit-db.com/download/29178/ title Fixit iDms Pro Image Gallery filelist.asp Multiple Parameter SQL Injection