4 matches found
CVE-2009-4627
CVE-2009-4627 : Directory traversal in Moa Gallery 1.2.0 and earlier. The issue occurs in sources/_template_parser.php via the p_filename parameter, where a ".." path segment enables reading arbitrary files. This is a targeted file access vulnerability in Moa Gallery, with no remediation details ...
Moa Gallery 1.2.0 File Disclosure
Moa Gallery = 1.2.0 Remote File Disclosure Vulnerability Code In sources\templateparser.php $filename = $MOAPATH."templates/".$templatename."/".$pfilename; $fp = @fopen$filename, "r"; if !$fp && isbool$fp $fp = $fp = @fopen$MOAPATH."templates/MoaDefault/".$pfilename, "r"; POC...
Moa Gallery 1.2.0 (index.php action) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ Moa Gallery 1.2.0 index.php action SQL Injection Vulnerability ================================================================ Remote SQL Injection Vulnerability index.php...
Moa Gallery 1.2.0 - 'p_filename' Remote File Disclosure
Moa Gallery = 1.2.0 Remote File Disclosure Vulnerability Code In sources\templateparser.php $filename = $MOAPATH."templates/".$templatename."/".$pfilename; $fp = @fopen$filename, "r"; if !$fp && isbool$fp $fp = $fp = @fopen$MOAPATH."templates/MoaDefault/".$pfilename, "r"; POC...