9 matches found
i-Gallery 3.4 Source Code Disclosure
=========================================================== i-Gallery 3.4 asp Remote Source Code Disclosure Vulnerability ----------------------------------------------------------- foun by :kurdish hackers team group : kurd-team contact : [email protected] site : kurdteam.org...
i-Gallery 3.4 Cross Site Scripting
=========================================================== i-Gallery 3.4 asp Cross-site scripting Vulnerability ----------------------------------------------------------- foun by :kurd-team group : kurdish hackers team contact : [email protected] site : kurdteam.org...
CVE-2007-5777
Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a base64-encoded password via a direct request for igallery.mdb...
CVE-2007-5776
Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence...
CVE-2007-5777
CVE-2007-5777 affects Blue-Collar Productions i-Gallery 3.4. The vendor’s application stores sensitive information under the web root with insufficient access control, permitting remote attackers to download a file (igallery.mdb) containing a base64-encoded password via a direct request. The NVD ...
i-Gallery 3.4 bug crack password!
we can find file mdb of i-Gallery by link: http://www.hkp.com/igallery/database/igallery.mdb and can crack password on file igallery.mdb! because password is Base64! -------------------- with link : http://www.hkp.com/gallery/igallery.asp?d=5c../../5c we can view file on folder of site!...
CVE-2006-6088
BlueCollar i-Gallery 3.4 is affected by multiple XSS vulnerabilities. A remote attacker can inject arbitrary scripts via the n or d parameters in igallery.asp, or via an unspecified parameter related to search (possibly the Search Gallery field) or the myquery parameter in search.asp. The notes i...
i-Gallery34.txt
Aria-Security Team Advisory Original Advisory : http://aria-security.net/advisory/i-Gallery34.txt ----------------------------------------------------------- Software: i-Gallery 3.4 Method : Cross Site Scripting PoC: http://target/path/igallery.asp?n=XSS http://target/path/igallery.asp&d=XSS and...
i-Gallery 3.4 Cross Site Scripting
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory : http://aria-security.net/advisory/i-Gallery34.txt ----------------------------------------------------------- Software: i-Gallery 3.4 Method : Cross Site Scripting PoC:...