snipe Gallery Script - SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1060540 漏洞类型
发布时间 2010-06-25 更新时间 2010-06-25
漏洞平台 PHP CVSS评分 N/A
# Exploit Title:   snipe gallery Script Sql Injection
# Date: 26/06/2010
# Author: dev!l ghost
# Email: aws(at)live(dot)it
# Site :
# Script url:
# Version: 3.1.5
# Tested on: Windows
# CVE : ()
DorK:(Snipe Gallery v.3.1.5 by Snipe.Net)

When You search with the dork you will find a lot of sites ,,enter
site and you will find a lot of pictures enter any picture and 
the pot the(')and start the inject

the inject is very easy 



Greatz to all my frinds and the all muslims 
and Volc4n0 and Golden Ice and mr.ip
and the all