0day - e107 Plugins PPGallery - Multiple Vulnerabilities
http://e107.org/e107_plugins/bugtrack/bugtrack.php?action=show&id=5401&cat=all&res=all&status=all&flag=off&ver=
== SQL Injection ==
http://e107/e107_plugins/ppgallery/add_image.php?id=%inject_here%
http://e107/e107_plugins/ppgallery/edit_image.php?id=%inject_here%
http://e107/e107_plugins/ppgallery/delete.php?id=%inject_here%
http://e107/e107_plugins/ppgallery/edit_gallery.php?id=%inject_here%
if (isset($_GET['id'])) {$id=$_GET['id'];}
if (isset($_POST['id'])) {$id=$_POST['id'];}
add_image.php
$gallery=mysql_query("SELECT * FROM ".MPREFIX."ppgallery_gallerys WHERE gallery='".$id."'");
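For comparison with the snippet above, a hardened form of the same lookup, written as an added example and not taken from PPGallery or e107: the request id is validated as a plain integer and then bound as a parameter instead of being concatenated into the SQL string. The function names, the PDO/SQLite demo database, the `name` column, the stand-in MPREFIX value and the treatment of `gallery` as a positive integer key are assumptions made for illustration.

```php
<?php
// Added example, not PPGallery code. Table and column names follow the query
// shown above; treating `gallery` as a positive integer key is an assumption.
const MPREFIX = 'e107_'; // stand-in for e107's table-prefix constant

/** Return the request id as an int, or null if it is not a plain positive integer. */
function ppg_request_id(array $get, array $post): ?int
{
    // Same precedence as the original snippet: POST overrides GET.
    $raw = $post['id'] ?? $get['id'] ?? null;
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $id = (int) $raw;
    return $id > 0 ? $id : null;
}

/** Look up a gallery with a bound parameter instead of string concatenation. */
function ppg_find_gallery(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT * FROM ' . MPREFIX . 'ppgallery_gallerys WHERE gallery = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed demo data in an in-memory SQLite database so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ' . MPREFIX . 'ppgallery_gallerys (gallery INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO " . MPREFIX . "ppgallery_gallerys VALUES (1, 'holiday')");

// Constructed inputs: one existing id, one missing id, several malformed values.
foreach (['1', '2', "1'", '1 ', '-1', ''] as $raw) {
    $id = ppg_request_id(['id' => $raw], []);
    if ($id === null) {
        printf("%-6s rejected before any query runs\n", var_export($raw, true));
        continue;
    }
    $row = ppg_find_gallery($db, $id);
    printf("%-6s %s\n", var_export($raw, true), $row ? 'found: ' . $row['name'] : 'no such gallery');
}
```

The original code calls `mysql_query()`, which was removed in PHP 7; the same validate-then-bind pattern applies with mysqli or PDO against MySQL.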
== Arbitrary File Upload ==
http://e107/e107_plugins/ppgallery/add_image.php?id=1
http://e107/e107_plugins/ppgallery/edit_image.php?id=1
http://localhost/e107_1.0.4_full/e107_plugins/ppgallery/ch_new.php
== No Authentication Required ==