CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6370

SQL injection vulnerability in forum/modules/gallery/post.php in Invision Gallery 2.0.7 allows remote attackers to cause a denial of service and possibly have other impacts, as demonstrated using a "SELECT BENCHMARK" statement in the img parameter in a doaddcomment operation in index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.securityfocus.com/archive/1/453167/100/100/threaded
http://www.securityfocus.com/archive/1/453468/100/0/threaded
http://www.securityfocus.com/archive/1/453167/100/100/threaded
http://www.securityfocus.com/archive/1/453468/100/0/threaded

Products affected by CVE-2006-6370

Invision Power Services » Invision Gallery » Version: 2.0.7

cpe:2.3:a:invision_power_services:invision_gallery:2.0.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6370

Products

Pricing

Contact Us