OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: PhotoAlbum 0.9.9 explorer.php Vulnerability
From: pestilence (pestilenceSYNNERGY.GR)
Date: Wed Sep 06 2000 - 18:38:08 CDT


Affected program: PhotoAlbum v 0.9.9 (previous ???)
Vulnerability: Problem located within the explorer.php script.

Any user is able to pass a directory as request to the script, the
script will read the directory and output all files included in it and
has read access.
for instance:
http://www.phpphotoalbum.com/products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/

will reveal all the files located in the specified directory.

Synnergy Networks
==============================
http://www.synnergy.net
Kostas Petrakis aka Pestilence
pestilencesynnergy.net