Phpwebgallery <= 1.4.1 SQL injection Vulnerability

2006.04.03

Credit: t4h4 linuxmail org

Risk: Medium

Local: Yes

Remote: No

CVE: CVE-2006-1600

CWE: CWE-89

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

Moroccan Security Team (|ucif3r)
Greetz To All Freind

Phpwebgallery 1.4.1 is vulnerable to SQL Injection  Attacks

The flaw is due to input validation errors in the "category.php" script when handling the "search"variables, which could be exploited by malicious people to conduct SQL injection attacks.

Exploit:

http://localhost/phpwebgallery/category.php?cat=search&search=[SQL]

t4h4[at]linuxmail[dot]com :D

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Phpwebgallery <= 1.4.1 SQL injection Vulnerability

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Phpwebgallery <= 1.4.1 SQL injection Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.