CVE-2006-6247

Publication date

2006-12-04 11:00:00

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp.