|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[VulnWatch] zOOM Media Gallery - Simple SQL Injection discovery
From: Andreas Constantinides (aconstantinides
OdysseyConsultants.com)
Date: Mon Apr 11 2005 - 00:24:41 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Description:
zOOm Media Gallery (http://zoom.ummagumma.nl) is a php/sql component+module for MamboCMS and is in use by many sites of the internet.
I discover a simple SQL Injection in it.
Affected Versions:
zOOm Image Gallery 2.1.2, *
POC:
It is possible to proof my concept using the original site of zOOM:
http://zoom.ummagumma.nl/mikedeboer/index.php?option=com_zoom&Itemid=39&catid=2+OR+1=1
the above url can show all images in all categories of images of the zOOM gallery database but other commands are also possible that can result in a database owning.
Andreas Constantinides
www.megahz.org
www.odysseyconsultants.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]