PT-2006-2584 · Monalbum · Monalbum

Published: 2006-04-02 · Updated: 2024-02-14 · CVE-2006-1585

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions: MonAlbum version 0.8.7
Description: The issue allows remote attackers to execute arbitrary SQL commands through SQL injection vulnerabilities in multiple parameters: pc in index.php, and pnom, pcourriel, and pcommentaire in image_agrandir.php.
Recommendations: For MonAlbum version 0.8.7, consider restricting access to the index.php and image_agrandir.php files until a patch is available. As a temporary workaround, avoid using the pc, pnom, pcourriel, and pcommentaire parameters in the affected API endpoints.

Fix

Related Identifiers

CVE-2006-1585

Affected Products

Monalbum