phpThumb - 'phpThumbDebug' Information Disclosure

Author: mook
type: webapps
platform: php
port: 
date_added: 2011-05-06 
date_updated: 2011-05-06 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comphpThumb_1.7.9.zip

# Exploit Title: phpThumb 'phpThumbDebug' Information Disclosure
# Google Dork: inurl:phpThumb.php
# Date: 06/05/2011
# Author: mook
# Software Link: http://phpthumb.sourceforge.net/#download
# Version: 1.7.9
# Tested on: linux

Vulnerability:

Information disclosure which includes absolute system paths, os
flavour, application configuration information and other installed
application versions.

The vulnerability can be triggered by appending 'phpThumbDebug=" and
any number from 0 to 10 to any phpThumb.php request. e.g:



The response will be an image render of the debug information.

Remediation:

The responsible code can be found in phpThumb.php itself by changing
the default "$PHPTHUMB_CONFIG['disable_debug']            = false;" to
"$PHPTHUMB_CONFIG['disable_debug']            = true;".