CVE-2006-1667
Summary: CVE-2006-1667 affects Eric Gerdes Crafty Syntax Image Gallery (CSIG) up to version 3.1g. The vulnerability is a SQL injection in slides.php caused when the variable $projectid is less than 1, which prevents the limitquery_s parameter from being set. This enables remote authenticated user...