CVE-2006-2748

NONECVSS 0.0

0.0

SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php.

🔗 References (18)

cve@mitrehttp://secunia.com/advisories/20341
cve@mitrehttp://securityreason.com/securityalert/1014
cve@mitrehttp://securitytracker.com/id?1016178
cve@mitrehttp://sourceforge.net/forum/forum.php?forum_id=576483
cve@mitrehttp://svn.sourceforge.net/viewcvs.cgi/osic-win/branches/osic_0-7/osic/core.php?r1=477&r2=631
cve@mitrehttp://www.seclab.tuwien.ac.at/advisories/TUVSA-0605-001.txt
cve@mitrehttp://www.securityfocus.com/archive/1/435380/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/18169
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/26968
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20341
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1014
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016178
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/forum/forum.php?forum_id=576483
af854a3a-2127-422b-91ae-364da2661108http://svn.sourceforge.net/viewcvs.cgi/osic-win/branches/osic_0-7/osic/core.php?r1=477&r2=631
af854a3a-2127-422b-91ae-364da2661108http://www.seclab.tuwien.ac.at/advisories/TUVSA-0605-001.txt

Is Your Infrastructure Affected by CVE-2006-2748?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-2748

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-2748?