Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:12372
HistoryApr 22, 2006 - 12:00 a.m.

Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites

2006-04-2200:00:00
vulners.com
26
JSON

Software : Scry Gallery
WebSite :http://scry.org/
discovred by :Moroccan Security Team

[+] Directory Traversal :

A remote attacker may employ directory traversal strings '…/' to access arbitrary files outside of the webroot directory.
This flaw is due to an input validation error in the "index.php" script that does not properly validate the "p" field

Exemple:
http://localhost/scry/index.php?v=list&i=0&p=../../

[+] Full Path Disclosure :

The issue is due to an input validation error when processing a non-existing directory passed to the "p" field, which could be exploited by attackers to determine the installation path.

Exemple:

http://localhost/scry/index.php?v=view&i=0&p=simo64

==> /var/www/scry-1.1/…/photos/simo64 does not exist or is not readable by the webserver - please verify settings in setup.php

Simo64
Moroccan Security Team

contact: simo64[at]gmail[dot]com

JSON