Vulnerabilities > CVE-2006-6932 - SQL Injection vulnerability in Image Gallery with Access Database
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Image Gallery with Access Database allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to (a) dispimage.asp, or the (2) order or (3) page parameter to (b) default.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Image gallery with Access Database dispimage.asp id Parameter SQL Injection. CVE-2006-6932. Webapps exploit for asp platform id EDB-ID:29053 last seen 2016-02-03 modified 2006-11-16 published 2006-11-16 reporter Aria-Security Team source https://www.exploit-db.com/download/29053/ title Image gallery with Access Database dispimage.asp id Parameter SQL Injection description Image gallery with Access Database default.asp Multiple Parameter SQL Injection. CVE-2006-6932. Webapps exploit for asp platform id EDB-ID:29054 last seen 2016-02-03 modified 2006-11-16 published 2006-11-16 reporter Aria-Security Team source https://www.exploit-db.com/download/29054/ title Image gallery with Access Database default.asp Multiple Parameter SQL Injection