Totally Blind SQL Injection -- Extract admin username/password

ZenphotoCMS Forum (https://forum.zenphoto.org), Support, General support, thread /thread-5451.html
Petros - 08-07-2009

More information here:

E-mail/PM me for the exploit source and the patch for it.

The exploit only works if you aren't logged in already (which a hacker probably isn't anyway) but keep that in mind if you are going to test it. I only tested it on a server with magic_quotes_gpc = off.

acrylian - 08-07-2009

The ticket is actually enough. Please see my comment there.

sbillard - 09-07-2009

A fix for this issue has been released and will be in the nightly build of 9 July.