ClickGallery view_gallery.asp Multiple Variable SQL Injection

2006-11-26T09:03:57
ID OSVDB:30761
Type osvdb
Reporter OSVDB
Modified 2006-11-26T09:03:57

Description

Manual Testing Notes

http://[target]/view_gallery.asp?gallery_id=809&currentpage=[SQL Injection] http://[target]/view_gallery.asp?gallery_id=[SQL injection]

References:

Secunia Advisory ID:23136 Related OSVDB ID: 30765 Related OSVDB ID: 30766 Related OSVDB ID: 30763 Related OSVDB ID: 30762 Related OSVDB ID: 30764 Other Advisory URL: http://www.aria-security.com/forum/showthread.php?t=49 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0519.html FrSIRT Advisory: ADV-2006-4743 CVE-2006-6187