Full Path Disclosure In Photolibrary 1.009

2009-02-12T00:00:00
ID SECURITYVULNS:DOC:21345
Type securityvulns
Reporter Securityvulns
Modified 2009-02-12T00:00:00

Description

============================================================
!vuln
Photolibrary 1.009
Previous versions may also be affected.
============================================================

============================================================
!risk
Low
Only a few websites currently run Photolibrary, so exposure is limited.
============================================================

============================================================
!dork
Dork: inurl:"/photos" photolibrary All images are the copyright of their respective authors. Link to this page
============================================================

============================================================
!discussion
Passing an empty value for the page parameter to the following PHP file results in full path disclosure of the document root folder because of the include function:

site.com/photolibrary.1.009/photolibrary/css/style.php?page=

With page empty the script ends up executing include('.css'), which fails and raises a PHP warning. When display_errors is enabled that warning is written into the response and names the absolute filesystem path of style.php, which exposes the document root.
============================================================

============================================================
!solution

Change line 48 so that the include statement rejects empty input:

if ($page == '') {
    echo "Get lost! Stop Trying to get full path disclosure!";
} else {
    include($page . '.css');
}

Note that this patch only covers the empty-parameter case: any other value of page that does not name an existing .css file still makes the include fail and emit the same warning, and include() still operates on user-supplied input. Turning display_errors off in php.ini (and logging errors instead) keeps the path out of the response regardless of the input.

The vendor has not yet been notified.
============================================================
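As an added example, not the vendor's code and not the patch above, the following is a hardened replacement for the include on line 48 that serves only stylesheets from an allowlist, so neither an empty page value nor any other attacker-chosen string can make include() fail. The stylesheet names in $allowed and the use of $_GET['page'] are assumptions standing in for whatever Photolibrary actually ships.

```php
<?php
// Added example, not Photolibrary's code: hardened replacement for the
// include($page.'.css') statement on line 48 of photolibrary/css/style.php.
// The stylesheet names below are assumptions; list the .css files the
// application really ships in this directory.
$allowed = array('default', 'gallery', 'print');

// Assumes the page parameter arrives via the query string.
$page = isset($_GET['page']) ? $_GET['page'] : '';

// A strict comparison against the allowlist rejects the empty value from
// the advisory as well as any other string the client chooses (directory
// traversal, null bytes, stream wrappers), so the include can no longer
// fail and print a warning containing this script's absolute path.
if (!is_string($page) || !in_array($page, $allowed, true)) {
    header('HTTP/1.0 404 Not Found');
    exit;
}

// Resolve the file relative to this script's own directory instead of the
// include path, and send the right content type for a stylesheet.
// dirname(__FILE__) is used rather than __DIR__ so the code also runs on
// the PHP 5.2 installations that were common when Photolibrary 1.009 shipped.
header('Content-Type: text/css');
include dirname(__FILE__) . '/' . $page . '.css';
```

With this in place a request for style.php?page= or style.php?page=../../anything gets a 404 and no PHP warning, while style.php?page=gallery is the only kind of request that reaches include(). Keeping display_errors off in production remains worthwhile as a second layer, since it protects every other script on the host as well.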

============================================================
!greetz
Greetz go out to the people who know me.
============================================================

============================================================
!author
Xia Shing Zee
============================================================