3 matches found
EUVD-2007-0086
Malware in sbrugna...
IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities
No description provided by source. Name : IMGallery 2.5 Multiply Remote SQL Injection Vulnerabilities Author : cOndemned Conditions : magicquotesgpc = off ;/ Greetz : irk4z, GregStar, ZaBeaTy, d3d!k, CodersWorld, gathering and Avantura ;...
IMGallery Start.PHP任意文件上传漏洞
IMGallery是一款基于PHP的WEB应用程序。 IMGallery不正确过滤用户提交的输入,远程攻击者可以利用漏洞上传任意脚本以WEB权限执行任意命令。 问题是上传处理脚本对用户提交的扩展名缺少过滤,提交类似hauru.jpg.png.php之类的PHP,可绕过检查,以WEB权限执行任意PHP命令。 IMGallery IMGallery 2.5 目前没有解决方案提供: http://www.imgallery.zor.pl/ ? //Kacper Settings $exploitname = "IMGallery = 2.5 Create Uploader Script...