<<< Date Index >>>     <<< Thread Index >>>

Full Path Disclosure In Photolibrary 1.009(Update)



There has been a change to the solution.

!solution

Change line 48 so that the include statement stops null input and incorrect 
input:

if($page == NULL)
echo("Get lost! Stop Trying to get path disclosure!");
else
{
        if(!file_exists($page.'.css'))
        {
        echo("Get lost! Stop Trying to get path disclosure!");
        }
        else
        {
        include($page.'.css');
        }
        
}

The vendor has not yet been notified.

============================================================
!author
Xia Shing Zee
============================================================