2 matches found
CVE-2006-6195
CVE-2006-6195 describes multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery, allowing remote execution of arbitrary SQL through parameters: show_id or parentid to filelist.asp, and fid to showfile.asp. The CVE is documented by NVD and CVE lists; exploitation details are not pro...
CVE-2006-6196
CVE-2006-6196 describes a cross-site scripting (XSS) vulnerability in the search functionality of the Fixit iDMS Pro Image Gallery. The issue allows remote attackers to inject arbitrary web script or HTML via the search field (txtsearchtext parameter). The NVD entry lists a CVSSv2 base score of 6...