CVE-2006-2993 Information

Description

Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the key parameter in (1) Displayview.asp and (2) Details_Photo_bv.asp.

Reference

http://pridels0.blogspot.com/2006/06/my-photo-scrapbook-vuln.html http://secunia.com/advisories/20554 http://www.osvdb.org/26281 http://www.osvdb.org/26282 http://www.securityfocus.com/bid/18418 http://www.vupen.com/english/advisories/2006/2244 https://exchange.xforce.ibmcloud.com/vulnerabilities/27087