4 matches found
CVE-2006-6092
Multiple SQL injection vulnerabilities in vehiclelistings.asp in 20/20 Auto Gallery allow remote attackers to execute arbitrary SQL commands via the 1 vehicleID, 2 categoryIDlist, 3 saletype, 4 stocknumber, 5 manufacturer, 6 model, 7 vehicleID, 8 year, 9 vin, and 10 listingprice parameters...
CVE-2006-6092
Multiple SQL injection vulnerabilities in vehiclelistings.asp in 20/20 Auto Gallery allow remote attackers to execute arbitrary SQL commands via the 1 vehicleID, 2 categoryIDlist, 3 saletype, 4 stocknumber, 5 manufacturer, 6 model, 7 vehicleID, 8 year, 9 vin, and 10 listingprice parameters...
CVE-2006-6092
The CVE-2006-6092 entries describe SQL injection vulnerabilities in the 20/20 Auto Gallery vehiclelistings.asp page. Affected component: vehiclelistings.asp in 20/20 Auto Gallery. Root cause: vulnerable parameters (vehicleID, categoryID_list, sale_type, stock_number, manufacturer, model, year, vi...
20/20 auto gallery [ multiples injection sql ]
vendor site:http://www.2020autogallery.com/ product:20/20 auto gallery bug:injection sql global risk:high injection sql get : http://site.com/vehiclelistings.asp?vehicleID='sql http://site.com/vehiclelistings.asp?categoryIDlist='sql http://site.com/vehiclelistings.asp?saletype='sql...