TUCoPS :: HP Unsorted C :: c07-1007.htm

ClickGallery Sql Injection
ClickGallery Sql Injection
ClickGallery Sql Injection


#Aria-Security Team Advisory
# For English > 
# For Persian > 
#-----------------------------------------------------------
#Software: Click Gallery
#Method: SQL Injection  And XSS
#Vendor:ClickGallery.net
#
#PoC:
#
#
#http://target/view_gallery.asp?gallery_id=809¤tpage=[SQL Injection] 
#http://target/view_gallery.asp?gallery_id=[SQL injection] 
#http://target/download_image.asp?image_id=[SQL Injection] 
#http://target/gallery.asp?currentpage=[SQL Injection] 
#http://target/view_recent.asp?currentpage=[SQL Injection] 
#http://taget/gallery.asp?currentpage=2&orderby=[SQL Injection] 
#
#You are able to use XSS by searching your script .
#example in Search: 
#
#Contact: Advisory@aria-security.net

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH