Computer Security

Security Advisory: Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

  Portcullis Security Advisory - Movable Type

  Secunia Research: cPanel Entropy Chat Script Insertion Vulnerability

  [Full-disclosure] Invision Power Board Privilege Escalation (2.0.1 + more)

  [SA17359] vBulletin Image Script Insertion Vulnerability

From:Preben Nylokken <preben_(at)_watchcom.no>
Date:31.10.2005
Subject:Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images

The MG2 Image Gallery system has the ability to make create online galleries. Even password protected
once.

By manipulating url from a gallery, you are able to list out all pictures in every gallery. Even though
they are inside a password protected folder.

Sample manipulation could be:
www.yoursite.com/mg2/index.php?list=*&page=all

The "*" replaces the album number, showing every album.
The "all" command is an option programmed in the system to view all pictures within a SINGLE gallery.

Those two combined, will expose any password protected images.

The system can be downloaded from:
http://www.minigal.dk/

Please credit find to: Preben Nylokken
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru