Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

SQL Injection in Softbiz Image Gallery

From: xx_hack_xx_2004 () hotmail com
Date: 31 Mar 2006 21:13:29 -0000
Hello
Vulnerable: Softbiz Image Gallery
http://www.softbizscripts.com

Exploit :
http://example.com/imagegallery/image_desc.php?id=[SQL]

http://example.com/imagegallery/template.php?provided=[SQL]

http://example.com/imagegallery/suggest_image.php?cid=[SQL]

http://example.com/imagegallery/insert_rating.php?img_id=[sql]

http://example.com/imagegallery/images.php?cid=[SQL]

Discovery by Linux_Drox

http://LeZr.Com

Best Regards ,,
Previous By Date Next
Previous By Thread Next

Current thread: