السلام عليكم
والحمد لله اليوم اكتشفت ثغرة بنفسي والحمد لله
شوفو الثغرة
كود PHP:
# Exploit Title: snipe gallery Script Sql Injection
# Date: 26/06/2010
# Author: dev!l ghost
# Email: aws(at)live(dot)it
# Site : www.h00forall.com
# Script url: http://sourceforge.net/projects/snipegallery/
# Version: 3.1.5
# Tested on: Windows
# CVE : ()
:::::::::::::::::::::::::
=================Exploit=================
DorK:(Snipe Gallery v.3.1.5 by Snipe.Net)
When You search with the dork you will find a lot of sites ,,enter
site and you will find a lot of pictures enter any picture and
the pot the(')and start the inject
the inject is very easy
----exploit----
{{DeMo}}
http://www.onesteppublishing.com/snipe/image.php?page=1&search_type=and&image_id=78(SQLI)
---------greatz----------
Greatz to all my frinds and the all muslims
and Volc4n0 and Golden Ice and mr.ip
and the all
thank you
كلمة شكر تكفيني وتشجعني على المزيد لا تنسون smilies15smilies15
eyvm lk h;jahtd h]og dh FyouD