cpe:/a:francisco_charrua:photo-gallery:1.0 CVE-2006-3688 2006-07-21T10:03:00.000-04:00 2011-08-05T00:00:00.000-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-07-21T13:41:00.000-04:00 ALLOWS_OTHER_ACCESS SECTRACK 1016505 BID 19020 BUGTRAQ 20060711 MyGallery BUGTRAQ 20060711 MyGallery "Room.php" SQL Injection SECUNIA 21084 VUPEN ADV-2006-2834 SQL injection vulnerability in Room.php in Francisco Charrua Photo-Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.