2 matches found
CVE-2006-6937
SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary SQL commands via the sortorder parameter...
CVE-2006-6937
CVE-2006-6937 describes an SQL injection in displaypic.asp of Xtreme ASP Photo Gallery, exploitable via the sortorder parameter. The vulnerability arises in the web application component/display logic, allowing remote attackers to inject arbitrary SQL commands. NVD lists a base score of 7.5 (HIGH...