CVE-2006-6932

Image Gallery with Access Database - SQL Injection via id, order, or page Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-6932. PoCs published by Aria-Security Team.

AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in 'Image gallery with Access Database' but lacks actual exploit code. It references a generic exploit path without technical details or payloads.

Description

Multiple SQL injection vulnerabilities in Image Gallery with Access Database allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to (a) dispimage.asp, or the (2) order or (3) page parameter to (b) default.asp.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Aria-Security Team · textwebappsasp
https://www.exploit-db.com/exploits/29053

The provided text describes a SQL injection vulnerability in 'Image gallery with Access Database' but lacks actual exploit code. It references a generic exploit path without technical details or payloads.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Image gallery with Access Database (version unspecified)
No auth needed
Prerequisites: Network access to the vulnerable application · Knowledge of the target URL path
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Aria-Security Team · textwebappsasp
https://www.exploit-db.com/exploits/29054

The provided text describes SQL injection vulnerabilities in an unspecified 'Image gallery with Access Database' application. It outlines vulnerable parameters in URLs but does not include executable exploit code.

Classification
Writeup 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Image gallery with Access Database (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2147
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21131
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/451875/100/0/threaded

Scores

EPSS 0.0098
EPSS Percentile 57.6%

Details

Status published
Products (1)
image_gallery_with_access_database/image_gallery_with_access_database
Published Jan 16, 2007
Tracked Since Feb 18, 2026