PRIOn knowledge basePRION:CVE-2006-1232

HistoryMar 14, 2006 - 7:06 p.m.

Sql injection

2006-03-1419:06:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.3%

JSON

Multiple SQL injection vulnerabilities in DSDownload 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) key and (2) category parameters to (a) search.php and (b) downloads.php.

CPENameOperatorVersion
dsdownloadeq1.0

CPE	Name	Operator	Version
	dsdownload	eq	1.0

References

evuln.com/vulns/99/summary.html

secunia.com/advisories/19202

securityreason.com/securityalert/626

securitytracker.com/id?1015755

www.osvdb.org/23886

www.osvdb.org/23887

www.securityfocus.com/archive/1/428808/100/0/threaded

www.securityfocus.com/bid/17116

www.vupen.com/english/advisories/2006/0934

exchange.xforce.ibmcloud.com/vulnerabilities/25193