[16626] in bugtraq
PhotoAlbum 0.9.9 explorer.php Vulnerability
daemon@ATHENA.MIT.EDU (pestilence)
Thu Sep 7 00:01:27 2000
Message-ID: <39B6D560.C7ABA710@synnergy.gr>
Date: Thu, 7 Sep 2000 02:38:08 +0300
Reply-To: pestilence <pestilence@SYNNERGY.GR>
From: pestilence <pestilence@SYNNERGY.GR>
To: BUGTRAQ@SECURITYFOCUS.COM
Affected program: PhotoAlbum v 0.9.9 (previous ???)
Vulnerability: The problem is located within the explorer.php script.
Any user is able to pass a directory as a request to the script; the
script will read the directory and output all files in it to which it
has read access.
For instance:
http://www.phpphotoalbum.com/products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/
will reveal all the files located in the specified directory.
Synnergy Networks
==============================
http://www.synnergy.net
Kostas Petrakis aka Pestilence
pestilence@synnergy.net
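
One way to confine a `folder` parameter like the one in this advisory, as an added example that is not PhotoAlbum's code and not part of the original post. The function names and the temporary album root are assumptions made for illustration; the sample tree is constructed.

```php
<?php
// Added illustration: a hypothetical directory lister, NOT the source of
// PhotoAlbum's explorer.php. All names here are assumptions.

// Resolve a user-supplied folder against $root. Returns the canonical path,
// or null if it does not exist or falls outside $root.
function resolve_album_folder(string $root, string $requested): ?string
{
    if (strpos($requested, "\0") !== false) {
        return null;                       // reject NUL bytes outright
    }
    $base = realpath($root);
    if ($base === false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks, so the prefix test below
    // runs on the path the filesystem would actually open.
    $target = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($target === false || !is_dir($target)) {
        return null;
    }
    // The trailing separator keeps a sibling such as "<root>-private"
    // from passing as a child of "<root>".
    if ($target !== $base && strpos($target, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $target;
}

// List a folder only after it has been confined to the album root.
function list_album_folder(string $root, string $requested): array
{
    $dir = resolve_album_folder($root, $requested);
    if ($dir === null) {
        return [];                         // refuse rather than list
    }
    return array_values(array_diff(scandir($dir), ['.', '..']));
}

// Constructed demonstration tree under the system temp directory.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'album_demo_' . getmypid();
mkdir($root . DIRECTORY_SEPARATOR . 'holiday', 0700, true);
touch($root . DIRECTORY_SEPARATOR . 'holiday' . DIRECTORY_SEPARATOR . 'beach.jpg');

// A folder inside the root, then the traversal form quoted in the advisory.
var_dump(list_album_folder($root, 'holiday'));
var_dump(list_album_folder($root, '../../../../../../../etc/'));
```

The check compares canonical paths rather than filtering "../" out of the input, so encoded or nested traversal sequences and symlinks inside the album tree are handled by the same test.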