i-Gallery – Multiple Vulnerabilities

  • 作者: SONIC
    日期: 2010-07-08
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/14284/
  • ==============================================================
i-Gallery --Multiple Vulnerability
==============================================================


Name : i-Gallery --Multiple Vulnerability
Date : july 9,2010
Critical Level :VERY HIGH
vendor URL : http://www.b-cp.com


Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>

special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x

greetz to :www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com

special Shoutz : my Girl Frnd [H*****] 
###################################
I'm SONiC member from Inj3ct0r Team
################################### 

Description:

i-Gallery is a complete online photo gallery. Easy to navigate thumbnails with paging. Enlarged views offer print & email buttons. Secured backend features: create/delete folders, upload/delete images, add descriptions, move images, and much more.

#######################################################################################################
Xploit :Arbitrary File IncludeVulnerabilty 

DEMO URLhttp://www.site.com/igallery34/viewphoto.asp?i=[file include]&f=fghd&sh=27768&sw=1024

Xploit :Persistent XSS Vulnerabilty 

DEMO URLhttp://www.site.com/igallery34/submitphotos.asp?mi=1



###############################################################################################################

# ..::[ SONiC ]::.. aka the_pshyco