ClickGallery Server - SQL Injection

EDB-ID:

14283

CVE:

N/A


Author:

SONIC

Type:

webapps


Platform:

ASP

Date:

2010-07-08


==============================================================
ClickGallery Server--SQl iNjection  Vulnerabilty 
==============================================================


Name : ClickGallery Server--SQl iNjection  Vulnerabilty 
Date : july 9,2010
Critical Level     :VERY HIGH
vendor URL :   http://www.clickgallery.net/



Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>

special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x

greetz to :www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com

special Shoutz : my Girl Frnd [H*****] 
###################################
I'm SONiC member from Inj3ct0r Team
################################### 

Description:

ClickGallery Server is a full featured online image gallery application. It supports multiple user accounts with the ability to have public/private galleries.

#######################################################################################################
eXploit :SQL injection  Vulnerabilty 

DEMO URL  http://www.site.net/gallery.asp?currentpage=1 [SqLi]



###############################################################################################################

# ..::[ SONiC ]::.. aka the_pshyco