Phpwebgallery <= 1.4.1 SQL injection Vulnerability

2006.04.03

Credit: t4h4 linuxmail org

Risk: Medium

Local: Yes

Remote: No

CVE: CVE-2006-1600

CWE: CWE-89

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

Moroccan Security Team (|ucif3r)
Greetz To All Freind
Phpwebgallery 1.4.1 is vulnerable to SQL Injection Attacks
The flaw is due to input validation errors in the "category.php" script when handling the "search"variables, which could be exploited by malicious people to conduct SQL injection attacks.
Exploit:
http://localhost/phpwebgallery/category.php?cat=search&search=[SQL]
t4h4[at]linuxmail[dot]com :D

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Phpwebgallery <= 1.4.1 SQL injection Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.