CVE-2006-6247

Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp.

Date published : 2006-12-04

http://www.securityfocus.com/bid/21319

http://www.securityfocus.com/archive/1/452827/100/0/threaded