nathan purciful phpphotoalbum 0.9.9 - Directory Traversal Vulnerability

2000-09-07T00:00:00
ID EDB-ID:20208
Type exploitdb
Reporter pestilence
Modified 2000-09-07T00:00:00

Description

Nathan Purciful phpPhotoAlbum 0.9.9 Directory Traversal Vulnerability. CVE-2000-0872. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/1650/info

The explorer.php script within phpPhotoAlbum 0.9.9 and possibly previous versions are vulnerable to directory traversal. By requesting a URL composed of explorer.php and the ../ string in the value of the "folder" variable it is possible for a remote user to and gain read access to any file or browse any directory for which the webserver has read access.

Example: 
http://target/phpPhotoAlbum/explorer.php?folder=../../../../