CVE-2006-6195

Fixit iDMS Pro Image Gallery - SQL Injection via show_id, parentid, or fid Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-6195. PoCs published by Aria-Security Team.

AI-analyzed exploit summary The provided text describes SQL injection and HTML injection vulnerabilities in Fixit iDMS Pro, but does not include actual exploit code. It references a generic example URL for SQL injection without implementation details.

Description

Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter to (b) showfile.asp.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Aria-Security Team · textwebappsasp
https://www.exploit-db.com/exploits/29179

The provided text describes SQL injection and HTML injection vulnerabilities in Fixit iDMS Pro, but does not include actual exploit code. It references a generic example URL for SQL injection without implementation details.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Fixit iDMS Pro
No auth needed
Prerequisites: Network access to the vulnerable application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Aria-Security Team · textwebappsasp
https://www.exploit-db.com/exploits/29178

The provided text describes SQL injection vulnerabilities in Fixit iDMS Pro, detailing vulnerable parameters in specific URLs. No actual exploit code is present, only a vulnerability description.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Fixit iDMS Pro
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30513
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/452567/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21282
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017281

Scores

EPSS 0.0102
EPSS Percentile 58.9%

Details

Status published
Products (1)
fixit_knowledge_solutions/idms_pro_image_gallery
Published Dec 01, 2006
Tracked Since Feb 18, 2026