TCW PHP Album Multiple Vulnerability

2010-07-04T00:00:00
ID 1337DAY-ID-13113
Type zdt
Reporter L0rd CrusAd3r
Modified 2010-07-04T00:00:00

Description

Exploit for php platform in category web applications

====================================
TCW PHP Album Multiple Vulnerability
====================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                ###########################################           1
0                I'm L0rd CrusAd3r member from Inj3ct0r Team           1
1                ###########################################           0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title: TCW PHP Album Multiple Vulnerability
Vendor URL: http://tcwphpalbum.sourceforge.net/
Version: 1
Published: 2010-07-04
Greetz to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, Sonic Bluehat, Sai, KD, M4n0j.
Special Greetz: Topsecure.net, inj3ct0r Team ,Andhrahackers.com
Shoutzz:- To all ICW members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:

TCW PHP Album is a set of PHP scripts that (using MySQL and the GD Library) allow you to easily make online multimedia albums. With an intuitive administrative panel you can quickly add albums, photos, themes, and change site settings. It also has commenting, where people can post comments on images and numerically rate pictures, as well as other features such as IP restriction/banning. Recently added, you can also make automatic slideshows.
TCW PHP Album requires the following:

* PHP 4.1.2 or higher, --with-mysql
* The GD Image Library OR ImageMagick's Convert
* Minimum of PNG support for the above
* A MySQL database - tested with 3.2x
* TCW PHP Album is operating system independent. TCW PHP Album does not support the GD Image library as it is lacking many features of convert, but the option is available.

~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~

Vulnerability:

*SQL Injection Vulnerability

DEMO URL:

http://www.tcwonline.org/~greentryst/photos/index.php?album=[sqli]

*XSS Vulnerability

DEMO URL:

http://www.tcwonline.org/~greentryst/photos/index.php?album=[xss]

*URL Redirection Vulnerability

DEMO URL:

http://www.tcwonline.org/~greentryst/photos/index.php?album=[url redirection]

*HTML Injection

DEMO URL:

http://www.tcwonline.org/~greentryst/photos/index.php?album=[html]
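All four issues above are reported against the same `album` parameter of `index.php`. The following is an added example, not TCW PHP Album's own code and not part of the original advisory, showing how a single validation step on that parameter closes every one of these paths at once: the value is accepted only as a positive integer, bound into SQL with a prepared statement, escaped before it is echoed into HTML, and never used to build a redirect target. The table name `albums`, its columns `id` and `name`, the use of PDO, and the database credentials are assumptions made for the example, not details from the advisory or the project.

```php
<?php
// Added example (not TCW PHP Album's own code): a hardened handler for the
// `album` request parameter that the advisory reports as injectable.
// Assumptions (hypothetical, not from the advisory): albums live in a table
// `albums` with an integer column `id` and a text column `name`, and the
// application talks to MySQL through PDO.

declare(strict_types=1);

/**
 * Validate the `album` parameter before it reaches SQL, HTML, or a redirect.
 * Returns a positive integer or null; anything else is rejected outright,
 * which removes the SQLi, XSS, HTML-injection and open-redirect paths together.
 */
function parseAlbumId(array $query): ?int
{
    if (!isset($query['album']) || !is_string($query['album'])) {
        return null;
    }
    // FILTER_VALIDATE_INT refuses anything that is not a plain decimal integer.
    $id = filter_var($query['album'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look up the album with a prepared statement: the value is bound, never concatenated. */
function loadAlbum(PDO $db, int $albumId): ?array
{
    $stmt = $db->prepare('SELECT id, name FROM albums WHERE id = :id');
    $stmt->bindValue(':id', $albumId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/** HTML-escape anything derived from the request or the database before echoing it. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

/** Redirects are built from the validated integer and point only at this site. */
function canonicalAlbumPath(int $albumId): string
{
    return '/photos/index.php?album=' . $albumId;
}

// --- request handling ---
$albumId = parseAlbumId($_GET);
if ($albumId === null) {
    http_response_code(400);
    // Static message: the rejected input is deliberately not reflected back.
    echo '<p>Invalid album.</p>';
    exit;
}

// Credentials and DSN are placeholders for the example.
$db = new PDO('mysql:host=localhost;dbname=tcwphpalbum;charset=utf8mb4', 'user', 'pass', [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES   => false, // use real server-side prepares
]);

$album = loadAlbum($db, $albumId);
if ($album === null) {
    http_response_code(404);
    echo '<p>Album not found.</p>';
    exit;
}

// If the request did not use the canonical form, send the client to it;
// the Location value never contains raw request data.
if ($_GET['album'] !== (string) $albumId) {
    header('Location: ' . canonicalAlbumPath($albumId), true, 302);
    exit;
}

echo '<h1>' . h($album['name']) . '</h1>';
```

The important design point is that the fix is not four separate patches: rejecting the parameter unless it is a positive integer means no SQL metacharacters, no markup, and no URL can ever enter the request path, and the prepared statement plus `htmlspecialchars()` act as a second layer in case a later change widens what the parameter may contain. A quick regression check for a deployment is to request `index.php?album=` with a non-numeric value and confirm the server answers 400 with the fixed message rather than reflecting the input or running a query.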

# 0day n0 m0re #
# L0rd CrusAd3r #



#  0day.today [2016-04-20]  #