Invision Gallery 2.0.5 – SQL Injection

Exploit Database
87 阅读

作者： Ashiyane Digital Security Team

日期： 2013-01-17
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/24180/

##############
# Exploit Title : Invision Gallery SQL Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# software Homepage: www.invisionpower.com/apps/gallery/
#
# Home : ww.Ashiyane.org
#
# Security Risk : High - SQL Injection
#
# version : 2.0.5
#
# Dork : Invision Gallery 2.0.5 © 2013IPS, Inc. inurl:img=or Invision Gallery 2.0.5IPS, Inc. inurl:img=
#
##############
#location: site/index.php?automodule=gallery&cmd=si&img=[SQL]
#or site/act=module&module=gallery&cmd=si&img=[SQL]
#
##############
# [Inject with Havij or inject manually]
##############
#Greetz to: My Lord ALLAH
##############
#
#Amirh03in
#
##############

last Exploits
Invision Gallery 2.0.5 – SQL Injection的更多信息

WordPress Theme Black-LetterHead 1.5 – ‘index.php’ Cross-Site Scripting：
BitDefender GravityZone 5.1.5.386 – Multiple Vulnerabilities：
Purchase Order Management System 1.0 – Remote File Upload：
Invision Power Board 1.x?/2.x/3.x – Admin Takeover：
WordPress Plugin Zephyr Project Manager 3.2.42 – Multiple SQLi：
FS IMDB Clone – ‘id’ SQL Injection：
Concrete CMS < 5.5.21 - Multiple Vulnerabilities：
Zoom Telephonics ADSL Modem/Router – Multiple Vulnerabilities：