Phpwebgallery <= 1.4.1 SQL injection Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Phpwebgallery <= 1.4.1 SQL injection Vulnerability
From: t4h4@xxxxxxxxxxxxx
Date: 3 Apr 2006 14:07:26 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Moroccan Security Team (|ucif3r)
Greetz To All Freind

Phpwebgallery 1.4.1 is vulnerable to SQL Injection  Attacks

The flaw is due to input validation errors in the "category.php" script when 
handling the "search"variables, which could be exploited by malicious people to 
conduct SQL injection attacks.

Exploit: 

http://localhost/phpwebgallery/category.php?cat=search&search=[SQL]

t4h4[at]linuxmail[dot]com :D

Prev by Date: [ MDKSA-2006:062 ] - Updated dia packages fix buffer overflow vulnerabilities
Next by Date: Re: recursive DNS servers DDoS as a growing DDoS problem
Previous by thread: [ MDKSA-2006:062 ] - Updated dia packages fix buffer overflow vulnerabilities
Next by thread: ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution
Index(es):
- Date
- Thread