CVE-2006-2749
CVE-2006-2749
SQL injection vulnerability in search.php in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary SQL commands via the (1) txtCustomField and (2) CustomFieldID array parameters.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/20341http://securityreason.com/securityalert/1014http://securitytracker.com/id?1016178http://sourceforge.net/forum/forum.php?forum_id=576483http://svn.sourceforge.net/viewcvs.cgi/osic-win/branches/osic_0-7/osic/search.php?view=markup&rev=477http://www.seclab.tuwien.ac.at/advisories/TUVSA-0605-001.txthttp://www.securityfocus.com/archive/1/435380/100/0/threadedhttp://www.securityfocus.com/bid/18169