vendor: PhpWebGallery
by:
CVSS: 9 (CRITICAL)
CWE: 89 (SQL Injection)
Product Name: PhpWebGallery
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

PhpWebGallery SQL Injection Vulnerability

PhpWebGallery is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

Mitigation:

To mitigate this vulnerability, ensure that all user-supplied input is properly validated and sanitized before being used in SQL queries. Additionally, it is recommended to use parameterized queries or prepared statements to prevent SQL injection attacks.
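
As an added example (not code from PhpWebGallery or from the original advisory), the sketch below applies this mitigation to a search handler such as the one behind the `search` parameter of `category.php`: an input check followed by a prepared statement with `LIKE` wildcards escaped. The `images` table, the function names and the sample rows are assumptions constructed for illustration, and the demo uses an in-memory SQLite database through PDO.

```php
<?php
declare(strict_types=1);

// Hypothetical table standing in for the gallery's image index (constructed data).
function demoDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE images (id INTEGER PRIMARY KEY, name TEXT)');
    $db->exec("INSERT INTO images (name) VALUES ('sunset'), ('harbour'), ('100% zoom')");
    return $db;
}

// Hypothetical search handler: validates the term, then binds it as data.
function searchImages(PDO $db, string $term): array
{
    // Validation: non-empty, bounded length, no control characters.
    if ($term === '' || strlen($term) > 64 || preg_match('/[\x00-\x1f]/', $term)) {
        return [];
    }

    // Escape LIKE metacharacters so % and _ typed by the user match literally.
    $escaped = strtr($term, ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']);

    // The SQL text is a constant; the user's value only ever travels as a bound parameter.
    $stmt = $db->prepare("SELECT id, name FROM images WHERE name LIKE :p ESCAPE '\\'");
    $stmt->execute([':p' => '%' . $escaped . '%']);

    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = demoDb();

// Constructed inputs: a plain term, a bare wildcard, and a term containing a quote.
foreach (['sun', '%', "d'Orsay"] as $term) {
    printf("%-10s => %d row(s)\n", $term, count(searchImages($db, $term)));
}
```

Because the query text never changes, a quote or wildcard in the request alters only which rows match, not the structure of the statement.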
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15837/info
 
PhpWebGallery is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries.
 
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. 

http://www.example.com/category.php?cat=search&search=[SQL]