NeoSense

snipe Gallery Script - SQL Injection

Author: dev!l ghost
type: webapps
platform: php
port: 
date_added: 2010-06-25 
date_updated: 2010-11-12 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comsnipegallery-3.1.5.zip

# Exploit Title:   snipe gallery Script Sql Injection
# Date: 26/06/2010
# Author: dev!l ghost
# Email: aws(at)live(dot)it
# Site : www.h00forall.com
# Script url: http://sourceforge.net/projects/snipegallery/
# Version: 3.1.5
# Tested on: Windows
# CVE : ()

:::::::::::::::::::::::::


=================Exploit=================
DorK:(Snipe Gallery v.3.1.5 by Snipe.Net)

When you search with the dork you will find a lot of sites. Enter a
site and you will find a lot of pictures. Open any picture,
then put the (') and start the injection.

The injection is very easy.



----exploit----

{{DeMo}}
http://www.example.com/snipe/image.php?page=1&search_type=and?_id=78(SQLI)

---------greatz----------
Greatz to all my friends and all Muslims
and Volc4n0 and Golden Ice and mr.ip
and all