Vulnerability Details CVE-2006-2040
Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute arbitrary SQL commands via the (1) cat, (2) pic and (3) page parameter in index.php; (4) id parameter in postcard.php; and (5) cat parameter in print.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.3%
CVSS Severity
CVSS v2 Score 6.4
References
- http://secunia.com/advisories/19836
- http://securityreason.com/securityalert/789
- http://www.osvdb.org/24981
- http://www.osvdb.org/24982
- http://www.osvdb.org/24983
- http://www.securityfocus.com/archive/1/431982/100/0/threaded
- http://www.securityfocus.com/bid/17683
- http://www.vupen.com/english/advisories/2006/1525
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26066
- http://secunia.com/advisories/19836
- http://securityreason.com/securityalert/789
- http://www.osvdb.org/24981
- http://www.osvdb.org/24982
- http://www.osvdb.org/24983
- http://www.securityfocus.com/archive/1/431982/100/0/threaded
- http://www.securityfocus.com/bid/17683
- http://www.vupen.com/english/advisories/2006/1525
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26066