14 matches found
EUVD-2003-1479
Malware in sbrugna...
EUVD-2003-1478
Malware in sbrugna...
Truegalerie 1.0 Unauthorized Administrative Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7427/info A vulnerability has been reported for Truegalerie that may result in unauthorized administrative access. The vulnerability exists due to insufficient sanitization of some URI values...
CVE-2003-1489
Affected software: Truegalerie 1.0. Vulnerable component/flow: upload.php and the file cookie mechanism in form.php, which lets an attacker specify a target filename to read arbitrary files via the image gallery download path. Root cause: handling of filename via a file cookie without proper acce...
CVE-2003-1489
upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery...
CVE-2003-1488
CVE-2003-1488 affects TrueGalerie 1.0. The vulnerability resides in admin.php handling of parameters: when the request to admin.php omits the connect parameter and provides loggedin with any value, an attacker can gain administrator access. Numerous sources (NVD, CVE records, CVE List, Nessus/Nes...
CVE-2003-1488
The 1 verifadmin.php and 2 checkadmin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1...
TrueGalerie admin.php loggedin Parameter Admin Authentication Bypass
Binary data 1548.prm...
CVE-2003-1489
upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery...
CVE-2003-1488
The 1 verifadmin.php and 2 checkadmin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1...
Truegalerie admin.php loggedin Parameter Admin Authentication Bypass
The remote host is running TrueGalerie, an album management system written in PHP. There is a flaw in the version of TrueGalerie that could allow an attacker to log in as the administrator without having to know the password, simply by requesting the URL : /admin.php?loggedin=1 Provided PHP's...
truegalerie.txt
Informations : °°°°°°°°°°°°°° Language : PHP Website : http://www.truelogik.net Version : 1.0 Problems : - Admin Access - File Copy PHP Code/Location : °°°°°°°°°°°°°°°°°°° verifadmin.php, checkadmin.php : ------------------------------------------------------------------------ "; echo ""; echo...
Truegalerie 1.0 - Unauthorized Administrative Access
Truegalerie 1.0 - Unauthorized Administrative Access source: https://www.securityfocus.com/bid/7427/info A vulnerability has been reported for Truegalerie that may result in unauthorized administrative access. The vulnerability exists due to insufficient sanitization of some URI values...
Truegalerie 1.0 - Unauthorized Administrative Access
source: https://www.securityfocus.com/bid/7427/info A vulnerability has been reported for Truegalerie that may result in unauthorized administrative access. The vulnerability exists due to insufficient sanitization of some URI values. http://target/admin.php?loggedin=1...