CVE-2006-2749

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/06/2006
Last modified:
03/04/2025

Description

SQL injection vulnerability in search.php in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary SQL commands via the (1) txtCustomField and (2) CustomFieldID array parameters.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:open_searchable_image_catalogue:open_searchable_image_catalogue:*:*:*:*:*:*:*:* 0.7.0.0 (including)