[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: SQL Injection in Softbiz Image Gallery
From: xx_hack_xx_2004 () hotmail ! com
Date: 2006-03-31 21:13:29
Message-ID: 20060331211329.27612.qmail () securityfocus ! com
[Download RAW message or body]
Hello
Vulnerable: Softbiz Image Gallery
http://www.softbizscripts.com
Exploit :
http://example.com/imagegallery/image_desc.php?id=[SQL]
http://example.com/imagegallery/template.php?provided=[SQL]
http://example.com/imagegallery/suggest_image.php?cid=[SQL]
http://example.com/imagegallery/insert_rating.php?img_id=[sql]
http://example.com/imagegallery/images.php?cid=[SQL]
Discovery by Linux_Drox
http://LeZr.Com
Best Regards ,,
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic