Vulnerability Details CVE-2006-0235
SQL injection vulnerability in WhiteAlbum 2.5 allows remote attackers to execute arbitrary SQL commands via the dir parameter to pictures.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/18460
- http://www.biyosecurity.be/bugs/whitealbum.txt
- http://www.osvdb.org/22520
- http://www.securityfocus.com/archive/1/422105/100/0/threaded
- http://www.securityfocus.com/bid/16247
- http://www.vupen.com/english/advisories/2006/0241
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24271
- http://secunia.com/advisories/18460
- http://www.biyosecurity.be/bugs/whitealbum.txt
- http://www.osvdb.org/22520
- http://www.securityfocus.com/archive/1/422105/100/0/threaded
- http://www.securityfocus.com/bid/16247
- http://www.vupen.com/english/advisories/2006/0241
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24271
Products affected by CVE-2006-0235
-
cpe:2.3:a:white_angle:white_album:2.5