phpPhotoAlbum.txt

11 Sep 2000 00:00:00 | Reported by Kostas Petrakis | Type: packetstorm | Source: packetstormsecurity.com

Vulnerability in PhotoAlbum 0.9.9 allows directory traversal via explorer.php script.

Code
` *************************************************  
+ PhotoAlbum 0.9.9 explorer.php Vulnerability +  
*************************************************  
# Advisory by pestilence #  
# www.synnergy.net #  
|===============================================|  
  
  
Affected program: PhotoAlbum v0.9.9 (previous ?)  
System : Linux, UNIX, Windows  
Problem : Problem located within the explorer.php script.  
Discovery : [email protected]  
  
Discussion  
----------  
  
phpPhotoAlbum is the next generation of dynamic photo albums, distributed under GPL.  
This product is made by the 'Professional Web Application Development Group' and   
can be downloaded from http://www.phpphotoalbum.com/  
  
Specialised features of this PHP script include:  
  
.Custom Photo Folder Messages   
.Multi-level Photo Albums   
.Graphic User Interface   
.Supported Most Image Types   
  
  
Vulnerability  
-------------  
  
Any user can traverse directories by passing a path in the $folder variable of a  
request to the script. It is then possible to read any file/folder with the privileges of the httpd.  
  
For instance:  
http://www.phpphotoalbum.com/products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/  
  
.. will reveal all the files located in the specified directory.  
  
  
Solution  
--------  
  
The vendors have been informed of the bug.  
  
Wait for the next patched version of PhotoAlbum to be released.  
  
----------------------------------------  
WEB: http://www.synnergy.net  
----------------------------------------  
`
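
The advisory offers no fix beyond waiting for a patched release. As an added example (not code from phpPhotoAlbum or from the advisory), here is one way a PHP script could confine a `folder` request parameter to its album root. The function name `resolve_album_folder`, the album root location and the sample directory tree are assumptions constructed for illustration.

```php
<?php
// Added example: hypothetical helper, not phpPhotoAlbum's own code.
// Resolves a user-supplied folder against the album root and returns null
// for anything that ends up outside that root.
function resolve_album_folder(string $albumRoot, string $folder): ?string
{
    $root = realpath($albumRoot);
    if ($root === false || strpos($folder, "\0") !== false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks; it returns false if the path does not exist.
    $target = realpath($root . DIRECTORY_SEPARATOR . $folder);
    if ($target === false || !is_dir($target)) {
        return null;
    }
    // Compare against the root plus a trailing separator so that a sibling
    // such as ".../albums-old" cannot pass as being inside ".../albums".
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($target !== $root && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// Constructed sample tree so the check can be run offline.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'album_demo_' . getmypid();
@mkdir($base . '/albums/holiday/2000', 0700, true);
@mkdir($base . '/albums-old', 0700, true);

$root = $base . '/albums';
$requests = [
    'holiday',                     // normal album
    'holiday/2000/..',             // ".." that stays inside the root
    '../../../../../../../etc/',   // request pattern from the advisory
    '../albums-old',               // sibling sharing the root's name prefix
    'holiday/../../albums-old',    // traversal hidden behind a valid folder
];
foreach ($requests as $folder) {
    $resolved = resolve_album_folder($root, $folder);
    printf("%-28s => %s\n", $folder, $resolved === null ? 'REJECTED' : 'ok: ' . $resolved);
}
```

The first two requests resolve inside the root and are accepted; the remaining three resolve outside it and are rejected.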
