Cycade Gallery - SQL Injection

EDB-ID:

18591

CVE:





Platform:

PHP

Date:

2012-03-13


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Exploit Title: Cycade Gallery SQL Injection Exploit
# Date: 3/12/2012
# Author: -DownFall
# Vendor or Software Link: Cycade Content Management - (http://www.cycade.com/)
# Category: Web Apps - (0-Day)
# Google dork: intext:"Powered by Cycade" inurl:"g_id="
# Tested on: Windows 7

http://server/common/catalog2.php?g_id=[SQLi]

Shoutout to all members of Team Intra