Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21345
HistoryFeb 12, 2009 - 12:00 a.m.

Full Path Disclosure In Photolibrary 1.009

2009-02-1200:00:00
vulners.com
31
JSON

============================================================
!vuln
Photolibrary 1.009
Previous versions may also be affected.

============================================================
!risk
Low
There are currently just a few websites circulating with
Photolibrary enabled.

============================================================
!dork
Dork:
inurl:"/photos" photolibrary All images are the copyright of
their respective authors. Link to this page

============================================================
!discussion
Null user input in the following PHP file results in full
path disclosure of the document root folder because of the
include function:
site.com/photolibrary.1.009/photolibrary/css/style.php?page=

============================================================
!solution

Change line 48 so that the include statement stops null
input:

if($page == '')
echo ("Get lost! Stop Trying to get full path disclosure!");
else
{
include($page.'.css');
}

The vendor has not yet been notified.

============================================================
!greetz
Greetz go out to the people who know me.

============================================================
!author
Xia Shing Zee

JSON