Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
SQL Injection in Softbiz Image Gallery
Mar 31 2006 09:13PM
xx_hack_xx_2004 hotmail com
Hello
Vulnerable: Softbiz Image Gallery
http://www.softbizscripts.com
Exploit :
http://example.com/imagegallery/image_desc.php?id=[SQL]
http://example.com/imagegallery/template.php?provided=[SQL]
http://example.com/imagegallery/suggest_image.php?cid=[SQL]
http://example.com/imagegallery/insert_r...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
Vulnerable: Softbiz Image Gallery
http://www.softbizscripts.com
Exploit :
http://example.com/imagegallery/image_desc.php?id=[SQL]
http://example.com/imagegallery/template.php?provided=[SQL]
http://example.com/imagegallery/suggest_image.php?cid=[SQL]
http://example.com/imagegallery/insert_r...
[ more ]