CVE

Id
22291  
CVE No.
CVE-2006-6187  
Status
Candidate  
Description
Multiple SQL injection vulnerabilities in ClickTech Click Gallery allow remote attackers to execute arbitrary SQL commands via the (1) currentpage or (2) gallery_id parameter to (a) view_gallery.asp, the (3) image_id parameter to (b) download_image.asp, the currentpage or (5) orderby parameter to (c) gallery.asp, or the currentpage parameter to (d) view_recent.asp.  
Phase
Assigned (20061130)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
215502 22291 CVE-2006-6187 BUGTRAQ:20061126 ClickGallery Sql Injection  View
215503 22291 CVE-2006-6187 URL:http://www.securityfocus.com/archive/1/archive/1/452733/100/0/threaded  View
215504 22291 CVE-2006-6187 MISC:http://www.aria-security.com/forum/showthread.php?t=49  View
215505 22291 CVE-2006-6187 BID:21311  View
215506 22291 CVE-2006-6187 URL:http://www.securityfocus.com/bid/21311  View
215507 22291 CVE-2006-6187 VUPEN:ADV-2006-4743  View
215508 22291 CVE-2006-6187 URL:http://www.vupen.com/english/advisories/2006/4743  View
215509 22291 CVE-2006-6187 SECUNIA:23136  View
215510 22291 CVE-2006-6187 URL:http://secunia.com/advisories/23136  View
215511 22291 CVE-2006-6187 SREASON:1937  View
215512 22291 CVE-2006-6187 URL:http://securityreason.com/securityalert/1937  View
215513 22291 CVE-2006-6187 XF:clickgallery-multiple-scripts-sql-injection(30535)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
59379 JVNDB-2006-001645 ClickTech Click Blog の displayCalendar.asp における SQL インジェクションの脆弱性 ClickTech Click Blog の displayCalendar.asp には、SQL インジェクションの脆弱性が存在します。 CVE-2006-6189 22291 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001645.html  View