|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
SQL Injection in Softbiz Image Gallery
xx_hack_xx_2004
hotmail.com
Date: Fri Mar 31 2006 - 15:13:29 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello
Vulnerable: Softbiz Image Gallery
http://www.softbizscripts.com
Exploit :
http://example.com/imagegallery/image_desc.php?id=[SQL]
http://example.com/imagegallery/template.php?provided=[SQL]
http://example.com/imagegallery/suggest_image.php?cid=[SQL]
http://example.com/imagegallery/insert_rating.php?img_id=[sql]
http://example.com/imagegallery/images.php?cid=[SQL]
Discovery by Linux_Drox
http://LeZr.Com
Best Regards ,,
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]