CVE-2006-6932 Information

Description

Multiple SQL injection vulnerabilities in Image Gallery with Access Database allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to (a) dispimage.asp or the (2) order or (3) page parameter to (b) default.asp.

Reference

http://securityreason.com/securityalert/2147 http://www.securityfocus.com/archive/1/451875/100/0/threaded http://www.securityfocus.com/bid/21131