CVE-2006-6937

Pensacola WEB Designs Xtremeasp Photogallery - SQL Injection

Title source: rule
STIX 2.1

Description

SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary SQL commands via the sortorder parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Aria-Security Team · textwebappsasp
https://www.exploit-db.com/exploits/29063

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30324
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/31507
Vendor Advisory x_refsource_misc
http://aria-security.net/advisory/xtremeg.txt
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/451786/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21138
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2148

Scores

EPSS 0.0167
EPSS Percentile 82.2%

Details

Status published
Products (1)
pensacola_web_designs/xtremeasp_photogallery 2.0
Published Jan 17, 2007
Tracked Since Feb 18, 2026