CVE-2006-3163 Information

Description

Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start or (2) sort parameters.

Reference

http://pridels0.blogspot.com/2006/06/imgallery-vuln.html http://secunia.com/advisories/20763 http://securitytracker.com/id?1016349 http://www.attrition.org/pipermail/vim/2006-June/000909.html http://www.osvdb.org/26695 http://www.securityfocus.com/bid/18566 http://www.vupen.com/english/advisories/2006/2471 https://exchange.xforce.ibmcloud.com/vulnerabilities/27277