Snipe Gallery version 3.1.5 suffers from a remote SQL injection vulnerability.
4385cd1ec5697336f166770fce0308a98d592997d382b8f966f5ac7061cbe7a8
# Exploit Title: snipe gallery Script Sql Injection
# Date: 26/06/2010
# Author: dev!l ghost
# Email: aws(at)live(dot)it
# Site : www.h00forall.com
# Script url: http://sourceforge.net/projects/snipegallery/
# Version: 3.1.5
# Tested on: Windows
# CVE : ()
:::::::::::::::::::::::::
=================Exploit=================
DorK:(Snipe Gallery v.3.1.5 by Snipe.Net)
When You search with the dork you will find a lot of sites ,,enter
site and you will find a lot of pictures enter any picture and
the pot the(')and start the inject
the inject is very easy
----exploit----
{{DeMo}}
http://www.onesteppublishing.com/snipe/image.php?page=1&search_type=and&image_id=78(SQLI)
---------greatz----------
Greatz to all my frinds and the all muslims
and Volc4n0 and Golden Ice and mr.ip
and the all
thank you
_________________________________________________________________
Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.
https://signup.live.com/signup.aspx?id=60969
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed