Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) [SA19512] gtd-php Cross-Site Scripting and Script Insertion Vulnerabilities [SA19503] MonAlbum Multiple SQL Injection Vulnerabilities [SA19520] Blank'N'Berg Directory Traversal and Cross-Site Scripting ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution From:xx_hack_xx_2004_(at)_hotmail.com <xx_hack_xx_2004_(at)_hotmail.com> Date:04.04.2006Subject:SQL Injection in Softbiz Image GalleryHello Vulnerable: Softbiz Image Gallery http://www.softbizscripts.com Exploit : http://example.com/imagegallery/image_desc.php?id=[SQL] http://example.com/imagegallery/template.php?provided=[SQL] http://example.com/imagegallery/suggest_image.php?cid=[SQL] http://example.com/imagegallery/insert_rating.php?img_id=[sql] http://example.com/imagegallery/images.php?cid=[SQL] Discovery by Linux_Drox http://LeZr.Com Best Regards ,,
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
[SA19512] gtd-php Cross-Site Scripting and Script Insertion Vulnerabilities
[SA19503] MonAlbum Multiple SQL Injection Vulnerabilities
[SA19520] Blank'N'Berg Directory Traversal and Cross-Site Scripting
ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution
