Invision Gallery 2.0.5 - SQL Injection Vulnerability



EDB-ID: 24180 CVE: N/A OSVDB-ID: 89337
Author: Ashiyane Digital Security Team Published: 2013-01-17 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Screenshot
Prev Home Next
##############
# Exploit Title : Invision Gallery SQL Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# software Homepage: www.invisionpower.com/apps/gallery/
#
# Home : ww.Ashiyane.org
#
# Security Risk : High - SQL Injection
#
# version : 2.0.5
#
# Dork : Invision Gallery 2.0.5 © 2013  IPS, Inc.   inurl:img=  or Invision Gallery 2.0.5  IPS, Inc.   inurl:img=
#
##############
#location: site/index.php?automodule=gallery&cmd=si&img=[SQL]
#  or site/act=module&module=gallery&cmd=si&img=[SQL]  
#
##############
# [Inject with Havij or inject manually]
##############
#Greetz to: My Lord ALLAH
##############
#
#Amirh03in
#
##############