CVE-2006-2344

Description

SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the ubild parameter.

Affected products

• ajax_softwares / alipager1.00 – 1.00
• ajax_softwares / alipager1.12 – 1.12

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/20084
• MISChttp://www.hamid.ir/security/alipager.txt
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/26378
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/1773
• MISChttp://www.securityfocus.com/bid/17945