ASPSiteWare ASP Gallery 1.0 - SQL Injection

EDB-ID:

15682

CVE:

N/A

EDB Verified:

Author:

R4dc0re

Type:

webapps

Exploit:   /  

Platform:

ASP

Date:

2010-12-04

Vulnerable App: 
# Author: R4dc0re
# Exploit Title: ASPSiteware Gallery SQL injection Vulnerability
# Date: 04-12-2010
# Vendor or Software Link: www.aspsiteware.com
# Category:WebApp
#Demo Link:http://www.aspsiteware.com/Gallery/
#Version:1.0
#Price:50$
#Contact: R4dc0re@yahoo.fr
#Website: www.1337db.com
#Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members 

Submit Your Exploit at Submit@1337db.com

###################################################################
[Product Detail]

ASP Gallery is a web based image gallery application.
Backend by Access database, ASP Gallery can store thousands of images in categories.
Each image is displayed with name and description.
You can customize ASP Gallery for the look and feel of your website.
ASP Gallery is an excellent add-on application for your web site.
It is designed to be a complete ready-to-use image listing.You just add your images.
Start posting your images online and attracting more customers to your site by using this application.
 
[Vulnerability]

SQL Injection:

http://server/Gallery/type.asp?iType=[Code]
###################################################################
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services