CVE-2006-6370 Information

Description

SQL injection vulnerability in forum/modules/gallery/post.php in Invision Gallery 2.0.7 allows remote attackers to cause a denial of service and possibly have other impacts as demonstrated using a \SELECT BENCHMARK\ statement in the img parameter in a doaddcomment operation in index.php.

Reference

http://www.securityfocus.com/archive/1/453167/100/100/threaded http://www.securityfocus.com/archive/1/453468/100/0/threaded