EUVD-2006-6052

Malware in sbrugna...

EUVD-2006-6051

Malware in sbrugna...

CVE-2007-1045

mAlbum 0.3 has default accounts 1 "login"/"pass" for its administrative account and 2 "dqsfg"/"sdfg", which allows remote attackers to gain privileges...

CVE-2007-1045

CVE-2007-1045 affects mAlbum 0.3, where the administrative account has default credentials (1) login/pass and (2) dqsfg/sdfg. This allows remote attackers to gain privileges. The provided sources confirm the credential default issue and privilege escalation risk, with no explicit mitigation or pa...

CVE-2007-1045

mAlbum 0.3 has default accounts 1 "login"/"pass" for its administrative account and 2 "dqsfg"/"sdfg", which allows remote attackers to gain privileges...

mAlbum v0.3 admin by default user/pass

mAlbum v0.3 admin by default user/pass By : sn0oPy Risk : high exploit : at http://www.target.ma/malbum/index.php when private images Login : login Password : pass after login, you can creat new admin account, delete it,... Dork : inurl:"malbum/" Default user/pass present here :...

mAlbum v0.3 local file inclusion

25/11/06 @@ Produit Vulnrable : mAlbum v0.3 Site officiel du produit : http://satz.free.fr/ Vulnrabilitiezz : 1 Local file inclusion : http://127.0.0.1/malbum/index.php?gal=../../../../../../BOOT.INI00 Screen capturzz : http://anas.maslouhy.net/03.JPG Tux25 - tux025atgmailpointcom :...

CVE-2006-6068

Directory traversal vulnerability in the cachedalbum function in functions.php for mAlbum 0.3 and earlier allows remote attackers to list filenames of arbitrary images via a .. dot dot in the gal parameter to index.php...

CVE-2006-6069

index.php in mAlbum 0.3 and earlier allows remote attackers to obtain the installation path via an invalid gal parameter...

CVE-2006-6068

The CVE-2006-6068 entry concerns a directory traversal in the mAlbum 0.3 and earlier release. The vulnerability occurs in the cached_album function in functions.php, where user input passed via the gal parameter to index.php can be traversed using dot-dot sequences to list filenames of arbitrary ...

CVE-2006-6069

index.php in mAlbum 0.3 and earlier allows remote attackers to obtain the installation path via an invalid gal parameter...

CVE-2006-6069

CVE-2006-6069 affects mAlbum 0.3 and earlier; index.php is vulnerable to an invalid gal parameter, enabling remote attackers to obtain the installation path. The CVSS2 base score is 5.0 (NETWORK vector, low attack complexity, no authentication, partial confidentiality impact). No remediation deta...

mAlbum v0.3 Multiple vulnerabilitizzz

20/11/06 Produit Vulnrable : mAlbum v0.3 Site officiel du produit : http://satz.free.fr/ Vulnrabilitiezz : 1 Multiple Full path disclosure : http://localhost/malbum/index.php?gal=" 2Directory traversal :http://localhost/malbum/index.php?gal=../../../ Screen capturzz :...

malbum03.txt

20/11/06 Produit Vulnérable : mAlbum v0.3 Site officiel du produit : http://satz.free.fr/ Vulnérabilitiezz : 1 Multiple Full path disclosure : http://localhost/malbum/index.php?gal=" 2Directory traversal :http://localhost/malbum/index.php?gal=../../../ Screen capturzz :...