Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: PHP :: b06-1349.htm

Phpwebgallery <= 1.4.1 SQL injection Vulnerability



Phpwebgallery <= 1.4.1 SQL injection Vulnerability
Phpwebgallery <= 1.4.1 SQL injection Vulnerability



Moroccan Security Team (|ucif3r)
Greetz To All Freind

Phpwebgallery 1.4.1 is vulnerable to SQL Injection  Attacks

The flaw is due to input validation errors in the "category.php" script when handling the "search"variables, which could be exploited by malicious people to conduct SQL injection attacks.

Exploit: 

http://localhost/phpwebgallery/category.php?cat=search&search=[SQL] 

t4h4[at]linuxmail[dot]com :D


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH