admin
07-30-2005, 01:13 AM
PHPmyGallery
http://phpmygallery.kapierich.net/en/
July 30, 2005
http://secunia.com/advisories/16260/
Description:
Securitysos Inc. has reported a vulnerability in PHPmyGallery, which can be exploited by malicious people to compromise a vulnerable system.
Input passed to the "confdir" parameter in "common-tpl-vars.php" isn't properly verified before it is used to include files. This can be exploited to include arbitrary files from external and local resources.
Successful exploitation requires that "register_globals" is enabled.
The vulnerability has been reported in version 1.5 beta and prior (latest affected stable version is 0.995).
Solution:
The vendor recommends restricting access to the "_conf" directory.
http://phpmygallery.kapierich.net/en/news/?file=2005-07-15
The vulnerability will reportedly be fixed in the upcoming 1.5 beta 2 version.
Provided and/or discovered by:
Securitysos Inc.
Original Advisory:
http://securitysos.info/advisories/1.txt
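
For defenders checking whether a site was probed, the following is an added example (not part of the advisory or of PHPmyGallery) that scans web server access logs for requests supplying "confdir" to "common-tpl-vars.php". The log lines, the /gallery/ path and the function names are constructed for illustration, and Combined Log Format is assumed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Client address and request line of a Combined Log Format entry.
REQUEST_RE = re.compile(r'^(?P<client>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
SCHEME_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.IGNORECASE)

# Constructed sample input; addresses are documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Jul/2005:01:02:03 +0000] "GET /gallery/index.php?album=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [30/Jul/2005:01:05:11 +0000] "GET /gallery/common-tpl-vars.php?confdir=http%3A%2F%2Fhost.invalid%2F HTTP/1.1" 200 312',
    '198.51.100.7 - - [30/Jul/2005:01:05:40 +0000] "GET /gallery/common-tpl-vars.php?confdir=..%2F..%2Ftmp%2F HTTP/1.0" 200 98',
    '192.0.2.10 - - [30/Jul/2005:01:06:02 +0000] "GET /gallery/common-tpl-vars.php HTTP/1.1" 200 0',
]


def classify_value(value):
    """Label a confdir value by where an include of it would read from."""
    if SCHEME_RE.match(value) or value.startswith("//"):
        return "remote-or-wrapper"
    return "local-path"


def scan(lines):
    """Return (client, kind, decoded_value) for each request that sets confdir."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        target = urlsplit(m.group("target"))
        if target.path.rsplit("/", 1)[-1].lower() != "common-tpl-vars.php":
            continue
        # parse_qs percent-decodes, so encoded values are compared in clear form.
        for value in parse_qs(target.query, keep_blank_values=True).get("confdir", []):
            findings.append((m.group("client"), classify_value(value), value))
    return findings


if __name__ == "__main__":
    for client, kind, value in scan(SAMPLE_LOG):
        print(f"{client}\t{kind}\t{value}")
```

With register_globals enabled, PHP also fills variables from POST bodies and cookies, which access logs do not record, so an empty result does not rule out an attempt.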