DIMVA CTF 2013 - Web100 Writeup
The site gives us an image uploader where you can add your photos (only JPG images are accepted) to a gallery (one per team). The vulnerability was very easy to exploit: when you upload an image, the script takes its comment (if none exists, it dies with an error) and inserts it into a SQLite database.
So just download exiv2 and run:
$ exiv2 -c "' union select password from pictures-- -" index4
Then upload it and get the flag.
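
The defensive counterpart, as an added example that is not part of the original writeup or the challenge's code: Python that reads the JPEG comment (COM segment) and stores it through bound parameters, so the quote in the comment stays data. The `pictures` columns other than `password`, the helper names and the sample JPEG bytes are constructed assumptions, and the parser handles only length-prefixed header segments.

```python
import sqlite3
import struct

def jpeg_comment(data):
    """Return the first JPEG COM (0xFFFE) segment as text, or None if absent."""
    if data[:2] != b"\xff\xd8":                      # must start with SOI
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError("corrupt segment header")
        marker = data[pos + 1]
        if marker in (0xD9, 0xDA):                   # EOI / start of scan: headers end
            break
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("bad segment length")
        if marker == 0xFE:                           # COM segment
            return data[pos + 4:pos + 2 + length].decode("latin-1")
        pos += 2 + length
    return None

def store_picture(db, team, data):
    comment = jpeg_comment(data)
    if comment is None:
        raise ValueError("JPEG has no comment")
    # Bound parameters: the comment is passed as a value, never spliced into SQL text.
    db.execute("INSERT INTO pictures (team, comment) VALUES (?, ?)", (team, comment))

def teams_with_comment(db, comment):
    # Values read back from the database are bound as well (no second-order injection).
    rows = db.execute("SELECT team FROM pictures WHERE comment = ?", (comment,))
    return [r[0] for r in rows]

def make_jpeg(comment):
    # Constructed minimal file: SOI, one COM segment, EOI (not a viewable image).
    return b"\xff\xd8\xff\xfe" + struct.pack(">H", len(comment) + 2) + comment + b"\xff\xd9"

def demo():
    db = sqlite3.connect(":memory:")
    # Hypothetical schema; only the table and password column names come from the page.
    db.execute("CREATE TABLE pictures (team TEXT, comment TEXT, password TEXT)")
    db.execute("INSERT INTO pictures VALUES ('admin', 'hello', 'constructed-secret')")
    hostile = "' union select password from pictures-- -"   # comment from the writeup
    store_picture(db, "team1", make_jpeg(hostile.encode()))
    stored = db.execute("SELECT comment FROM pictures WHERE team = 'team1'").fetchone()[0]
    return stored == hostile, teams_with_comment(db, stored)

if __name__ == "__main__":
    print(demo())
```

With binding in both the insert and the later lookup, the comment is stored and matched byte for byte as text, and the only row it matches is the one it was uploaded with.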