by r0t,der4444,cembo,VietMafia

Wednesday, November 30, 2005

Instant Photo Gallery SQL inj. vuln.

Instant Photo Gallery SQL inj. vuln.
Vuln. discovered by: r0t
Date: 30 Nov. 2005
Vendor: http://www.instantphotogallery.com
Affected version: v1 and prior

Product Description:
Instant Photo Gallery is a new website authoring and gallery management system developed by a photographer for photographers. Unlike other free gallery software systems out there, IPG doesn't bog you down with lots of non-professional features like slideshows, image ratings, or comments. No "member gallery" management and permissions features. No complicated configurations or multiple templating systems.
There's nothing wrong with gallery systems like Coppermine and Gallery. We think they're great, and use them for many of our projects. However, they can be overkill and lack the professional simplicity needed for the fast development and customization of a professional photographer or model website.
If you need an elegant solution that allows you to create the kind of site that most professionals need, download Instant Photo Gallery and give it a try; it's FREE!

Vuln. Description:
Input passed to the "cat_id" parameter in "portfolio.php" and the "cid" parameter in "content.php" isn't properly sanitised before being used in a SQL query. Because both parameters are numeric identifiers that appear to be concatenated straight into the query text, an attacker can break out of the intended comparison and manipulate the query by injecting arbitrary SQL code through the URL.


examples:
/portfolio.php?cat_id=[SQL]
/content.php?cid=[SQL]

Solution:
Edit the source code to ensure that input is properly sanitised: cast "cat_id" and "cid" to integers before they reach the query, or pass them as bound parameters of a prepared statement instead of concatenating them into the SQL string. Rejecting any value that is not a plain decimal integer closes the hole for both scripts.
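The following is an added illustration, not code from Instant Photo Gallery or from the advisory's author. It reproduces the class of bug described above against an in-memory SQLite database: one function pastes the "cat_id" value into the query text the way the advisory says the vulnerable scripts do, the other validates and binds it. The table and column names (categories, users, cat_id, published) and the sample rows are constructed assumptions; the real IPG schema is not shown on this page.

```python
import sqlite3


def make_db():
    """Build a constructed stand-in for the gallery database (assumed schema)."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE categories (cat_id INTEGER PRIMARY KEY, name TEXT, published INTEGER);
        INSERT INTO categories VALUES (1, 'Weddings', 1);
        INSERT INTO categories VALUES (2, 'Portraits', 1);
        INSERT INTO categories VALUES (3, 'Unpublished shoot', 0);
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO users VALUES (1, 'admin', 's3cret');
        """
    )
    return db


def portfolio_vulnerable(db, cat_id):
    """Mirror of the flaw: the request parameter is concatenated into the SQL text.

    The same pattern applies to 'cid' in content.php; only the table differs.
    """
    sql = (
        "SELECT name FROM categories WHERE cat_id = "
        + cat_id
        + " AND published = 1"
    )
    return [row[0] for row in db.execute(sql)]


def portfolio_fixed(db, cat_id):
    """Hardened form: whitelist the value's shape, then bind it as a parameter.

    The database receives the integer as data, never as part of the query text,
    so no value of cat_id can change the statement's structure.
    """
    if not cat_id.isdigit():
        raise ValueError("cat_id must be a decimal integer")
    sql = "SELECT name FROM categories WHERE cat_id = ? AND published = 1"
    return [row[0] for row in db.execute(sql, (int(cat_id),))]


if __name__ == "__main__":
    db = make_db()
    # Normal request: /portfolio.php?cat_id=1
    print(portfolio_vulnerable(db, "1"))
    # Injected request: the '--' comments out the 'published' restriction,
    # exposing the unpublished category.
    print(portfolio_vulnerable(db, "1 OR 1=1 --"))
    # Injected request: a UNION pulls rows from an unrelated table.
    print(portfolio_vulnerable(db, "0 UNION SELECT password FROM users --"))
    # The hardened version refuses anything that is not a plain integer.
    try:
        portfolio_fixed(db, "1 OR 1=1 --")
    except ValueError as exc:
        print("rejected:", exc)
```

The UNION case is the one that turns a gallery bug into a credential leak: the injected SELECT must return the same number of columns as the original query, which an attacker finds by trial, and the trailing comment discards the rest of the original statement. The fix does not need an escaping function at all; a numeric parameter should never reach the SQL text as anything but a bound integer.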

2 Comments:

Blogger Kim told...

Would you like to know more about our web master resources site. It is a great web master resources resource.

6:38 AM

 
Blogger My VoIp Solutions told...

Hi thanks for your blog, I liked it! I also have a blog/site about flyfone voip that covers flyfone voip related stuff. Please feel free to visit.

9:11 AM

Copyright (c) 2006 Pridels Sec Crew