CVE-2006-2987 Information

Description

Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka TAL RateMyPic) 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id (2) voteid and (3) vfiel parameters to (a) index.php and via the (4) nick (5) email (6) city (7) messen and (8) message form field parameters to (b) add.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Reference

http://secunia.com/advisories/20414/ http://www.vupen.com/english/advisories/2006/2118 https://exchange.xforce.ibmcloud.com/vulnerabilities/27017