Vulnerability Database

296,223

Total vulnerabilities in the database

CVE-2006-2157

SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, when the level is set to "slideshow". NOTE: This is a different vulnerability than CVE-2005-4246.

Published: May 3, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-2157
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
plogger / plogger	2.1-beta	2.1-beta.x