ClickGallery Server - SQL Injection

Author: SONIC
type: webapps
platform: asp
port: 
date_added: 2010-07-08 
date_updated: 2010-07-09 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

==============================================================
ClickGallery Server--SQl iNjection  Vulnerabilty
==============================================================


Name : ClickGallery Server--SQl iNjection  Vulnerabilty
Date : july 9,2010
Critical Level     :VERY HIGH
vendor URL :   http://www.clickgallery.net/



Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>

special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x

greetz to :www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com

special Shoutz : my Girl Frnd [H*****]
###################################
I'm SONiC member from Inj3ct0r Team
###################################

Description:

ClickGallery Server is a full featured online image gallery application. It supports multiple user accounts with the ability to have public/private galleries.

#######################################################################################################
eXploit :SQL injection  Vulnerabilty

DEMO URL  http://www.site.net/gallery.asp?currentpage=1 [SqLi]



###############################################################################################################

# ..::[ SONiC ]::.. aka the_pshyco