CVE-2006-6147

JiRos Links Manager - SQL Injection via LinkID or CategoryID Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-6147. PoCs published by laurent gaffie.

AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in JiRos Links Manager due to insufficient input sanitization. It includes a basic example URL demonstrating the vulnerability but lacks executable exploit code.

Description

Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp.

Exploits (2)

exploitdb WRITEUP VERIFIED
by laurent gaffie · textwebappsasp
https://www.exploit-db.com/exploits/29153

The provided text describes a SQL injection vulnerability in JiRos Links Manager due to insufficient input sanitization. It includes a basic example URL demonstrating the vulnerability but lacks executable exploit code.

Classification
Writeup 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: JiRos Links Manager
No auth needed
Prerequisites: Access to the vulnerable application URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by laurent gaffie · textwebappsasp
https://www.exploit-db.com/exploits/29152

The provided text describes SQL and HTML injection vulnerabilities in JiRos Links Manager due to insufficient input sanitization. It includes a basic example URL demonstrating SQL injection but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: JiRos Links Manager
No auth needed
Prerequisites: Access to the vulnerable application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/452265/100/0/threaded
Vendor Advisory vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017280
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30462
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21226
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4664
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23063

Scores

EPSS 0.0123
EPSS Percentile 64.9%

Details

Status published
Products (1)
jiros/links_manager 1.0
Published Nov 28, 2006
Tracked Since Feb 18, 2026