[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060510165830.17000.qmail@securityfocus.com>
Date: 10 May 2006 16:58:30 -0000
From: Dj_ReMix_20@...mail.com
To: bugtraq@...urityfocus.com
Subject: # MHG Security Team --- Gallery Upload Vulnerabilities
# Milli-Harekat Advisory ( www.milli-harekat.org )
# Gallery Upload Vulnerabilities
# Risk : High
# Class: Remote
# Script : Gallery Scripts
# Credits : Dj ReMix
# Thanks : ßy Korsan , Liz0zim ,ESOBAR, PoizinBo0x ,TR_IP ,ERNE ,CyberWolf...
# Vulnerable Scripts :
DUGallery v1.x
Dugallery v2.x
DuPortal v2.x
DuBanner All Versiyon
WizGallery v1.x
AmazonGallery All Version
OzzyWork Galeri All Version
Engel-S Gallery All Version
#Vulnerable Code :
This Code Not Include...
GP_upload=true" name="form1" enctype="multipart/form-data" onSubmit="checkFileUpload(this,'GIF,JPG,JPEG,BMP,PNG',true,'',150,100,64
0,480,'PIC_WIDTH','PIC_HEIGHT');return document.MM_returnValue">
This is Code Deleted Your Scripts And All File Upload victim hosts...
Bye !
Powered by blists - more mailing lists