+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
;;ii,,:: +
:::: :: ;;tt;;:: +
;;:: ..,,:: ;;ii,,:: +
,,,, ii;;,, ii;;:: ;;ii,,:: +
ii:: tt;;,, ..tt;;,,.. ;;ii;;:: +
ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: +
tt;;::..,, tt;;,, ff;;;;ii ;;ii,,:: +
tt;;::;;:: tt;;,,.. jj;;,,.. ;;tt,,:: +
tt;;;;,, tt;;,,.. tt;;;; ;;ii;;:: +
..::,,;;,, tt;;,,.. tt;;,, ;;ii,,:: +
..::,,ii;;;;.. tt;;,,.. iiii,,:: ;;ii,,:: +
::,,ttiijj;;,, tt;;;;.. ;;tt,,:: ;;ii,,:: +
,,;;ii tt;;,, ii;;,,.. ..jj;;:: ;;ii;;:: +
;;;;:: tt;;:: tt;;;;.. ff;;:: ;;tt,,.. +
ii;;.. ,,ii;;:: ii;;,,.. jj;;,, ;;ii,,.. +
,,;;,, ::;;;;;;:: ii;;;;.. tt;;,, ;;ii;;.. +
tt;;:::: ::,,;;jj,,:: tt;;,,.. tt;;,, ;;ii,,.. +
jj;;;;,,,,,,iiiiii;;:: ..tt;;,,:: iiii,, ;;ii,,.. +
;;ffjjttjjttii ii;;:: ii;;;;;;:: ..jj,, ;;ii;;.. +
..;;.. ii;;,,:: ,,;;;;jj;;,, ..jj,, ;;ii,,.. +
iiii;;,,::::....::,,,,;;,,jj;;;;,,:: ::,,;;,, ;;ii;; +
..ff;;;;;;,,,,::,,;;;;;; ttii;;;;,,,,,,,,;;;;:: ;;ii,, +
jjii;;;;;;;;;;;;;;ii.. ..ff;;;;;;;;;;;;;;;; ;;ii,, +
jjjj;;;;ii;;;;tt.. iijj;;;;;;;;;;ii:: ;;ii:: +
iijjjjjjtt;; ;;ffffjjjjtt:: ;;ii +
;;.. ii;; +
.. +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
Credit by : Al7ejaz HackerZ
mmgallery Multiple vulnerabilities
Script : mmgallery
Website: mmgallery.net
Impact : FullPath disclosure and Cross site Scripting
FullPath disclosure in thumbs.php
Cross Site Scripting
page varibale is not proprely verified and can be used to execute arbitary htmlcode
http://localhost/thumbs.php?page='>
Al7ejaz HackerZ ;)
/Milw0rm