oss-sec mailing list archives
CVE request: coppermine <= 1.4.22
From: Hanno Böck <hanno () hboeck de>
Date: Wed, 20 May 2009 11:12:31 +0200
http://milw0rm.com/exploits/8736 #!/usr/bin/perl # Coppermine Photo Gallery <= 1.4.22 Remote Exploit # Need register_globals = on and magic_quotes_gpc = off # Based on vulnerabilities discussed at http://www.milw0rm.org/exploits/8713 # Coded by girex Quotet URL http://www.milw0rm.org/exploits/8713 : Coppermine Foto Gallery suffers from different vulnerabilities. There is a Local File Inclusion and a Blind SQL Injection working with register_globals = On and magic_quotes_gpc = Off and a SQL Injection working in case of registration is enabled and a user can create/modify albums (default setting if registration is enabled) and php.ini regardless and a Blind SQL Injection when is enabled the ecard logging system (that is not a default configuration) and php.ini regardless Let's see how do they work... -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno () hboeck de http://ausdenaugenausdemsinn.de - Kein Sicherheitsrabatt für CO2-Speicher http://tinyurl.com/dceu73 - Internetzensur stoppen! http://schokokeks.org - professional webhosting
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE request: coppermine <= 1.4.22 Hanno Böck (May 20)