Subject: PhotoAlbum 0.9.9 explorer.php Vulnerability
From: pestilence (pestilence SYNNERGY.GR)
Date: Wed Sep 06 2000 - 18:38:08 CDT
Affected program: PhotoAlbum v 0.9.9 (previous ???)
Vulnerability: Problem located within the explorer.php script.
Any user is able to pass a directory as a request to the script; the
script will read the directory and output all the files in it to which
it has read access.
For instance:
http://www.phpphotoalbum.com/products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/
will reveal all the files located in the specified directory.
Synnergy Networks
==============================
http://www.synnergy.net
Kostas Petrakis aka Pestilence
pestilence
synnergy.net
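
A defensive counterpart to the report above, added here as an example and not taken from PhotoAlbum or the original post: one way a script that takes a `folder` parameter can confine it to a fixed directory. The function name, the album root and the demo directory tree are assumptions, since the advisory does not show the source of explorer.php.

```php
<?php
// Added example with hypothetical names; not PhotoAlbum's own code.

/**
 * Resolve a user-supplied folder against a fixed album root.
 * Returns the canonical directory path, or null if the request
 * does not exist or resolves outside the root.
 */
function resolve_album_folder(string $albumRoot, string $requested): ?string
{
    $root = realpath($albumRoot);
    if ($root === false || strpos($requested, "\0") !== false) {
        return null; // misconfigured root or embedded NUL: fail closed
    }
    // realpath() collapses "../" sequences and follows symlinks;
    // it returns false when the path does not exist.
    $target = realpath($root . DIRECTORY_SEPARATOR . $requested);
    if ($target === false || !is_dir($target)) {
        return null;
    }
    // Compare against the root plus a trailing separator, so a sibling
    // such as /albums_private is not accepted as being inside /albums.
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($target !== $root && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// Constructed demo tree in the system temp directory.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'album_demo_' . getmypid();
mkdir($base . '/albums/holiday', 0700, true);
mkdir($base . '/albums_private', 0700, true);

// Constructed sample requests, including the pattern from the advisory.
$samples = ['holiday', '.', '../../../../../../../etc/', '../albums_private', 'missing'];
foreach ($samples as $folder) {
    $resolved = resolve_album_folder($base . '/albums', $folder);
    printf("%-28s => %s\n", $folder, $resolved === null ? 'rejected' : 'allowed');
}

// Remove the demo tree.
rmdir($base . '/albums/holiday');
rmdir($base . '/albums');
rmdir($base . '/albums_private');
rmdir($base);
```

Only `holiday` and `.` are allowed; the traversal request, the sibling directory and the nonexistent folder are all rejected before any directory listing would take place.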