# MHG Security Team --- Gallery Upload Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: # MHG Security Team --- Gallery Upload Vulnerabilities
From: Dj_ReMix_20@xxxxxxxxxxx
Date: 10 May 2006 16:58:30 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

# Milli-Harekat Advisory ( www.milli-harekat.org )

# Gallery Upload Vulnerabilities

# Risk : High

# Class: Remote

# Script : Gallery Scripts

# Credits : Dj ReMix

# Thanks : ßy Korsan , Liz0zim ,ESOBAR, PoizinBo0x ,TR_IP ,ERNE ,CyberWolf...

# Vulnerable Scripts :

DUGallery v1.x
Dugallery v2.x
DuPortal  v2.x
DuBanner All Versiyon
WizGallery v1.x
AmazonGallery All Version
OzzyWork Galeri All Version
Engel-S Gallery All Version

#Vulnerable Code :

This Code Not Include...

GP_upload=true" name="form1" enctype="multipart/form-data" 
onSubmit="checkFileUpload(this,'GIF,JPG,JPEG,BMP,PNG',true,'',150,100,64
0,480,'PIC_WIDTH','PIC_HEIGHT');return document.MM_returnValue">

This is Code Deleted Your Scripts And All File Upload victim hosts...

Bye !

Prev by Date: PHP Live Helper ASP(chat.php) XSS
Next by Date: Re: Oracle - the last word
Previous by thread: PHP Live Helper ASP(chat.php) XSS
Next by thread: [FLSA-2006:152898] Updated emacs packages fix a security issue
Index(es):
- Date
- Thread