{"href": "https://www.seebug.org/vuldb/ssvid-17160", "status": "poc", "bulletinFamily": "exploit", "modified": "2008-02-14T00:00:00", "title": "freePHPgallery 0.6 Cookie Local File Inclusion Vulnerability", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-17160", "cvelist": [], "description": "No description provided by source.", "viewCount": 3, "published": "2008-02-14T00:00:00", "sourceData": "\n --==+================================================================================+==--\n--==+\t\tfreePHPgallery 0.6 Cookie Local File Inclusion +==--\n--==+================================================================================+==--\n\n Author: MhZ91\n Title: freePHPgallery 0.6 Cookie Local File Inclusion\n Download: http://sourceforge.net/projects/freephpgallery/\n Bug: Local File Inclusion\n Info: freePHPgallery is a easy-to-use free PHP picture gallery. Automatic creation of picture indexes with thumbnails, commenting function, selection of multiple languages. This software does not NOT require a database or other additional software.\n Visit: http://www.inj3ct-it.org\n\n[*]----------------------------------------------------------\n\nfreePHPgallery 0.6 present a local file inclusion in this file\n\nindex.php\ncomment.php\nshow.php\n\n<?php\n\n[...]\n\nif($_COOKIE['lang']!="")\n{if(file_exists("./lang/".$_COOKIE['lang'])){include ("./lang/".$_COOKIE['lang']);};}\n\n[...]\n\n?>\n\nwe can modify the cookie lang value whit a ../../../../ etc... and give a local file inclusion \n\n\n[*]----------------------------------------------------------\n\n# milw0rm.com [2008-02-14]\n\n ", "id": "SSV:17160", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T22:00:59", "reporter": "Root", "enchantments": {"score": {"value": 0.2, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.2}, "references": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645509430}}

{}