[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Vulnerability in MG2 php based Image Gallery - bypass security,
From:       preben () watchcom ! no
Date:       2005-10-28 23:39:08
Message-ID: 20051028233908.18707.qmail () securityfocus ! com
[Download RAW message or body]

The MG2 Image Gallery system has the ability to make create online galleries. Even \
password protected once.

By manipulating url from a gallery, you are able to list out all pictures in every \
gallery. Even though they are inside a password protected folder.

Sample manipulation could be:
www.yoursite.com/mg2/index.php?list=*&page=all

The "*" replaces the album number, showing every album.
The "all" command is an option programmed in the system to view all pictures within a \
SINGLE gallery.

Those two combined, will expose any password protected images.

The system can be downloaded from:
http://www.minigal.dk/

Please credit find to: Preben Nylokken


[prev in list] [next in list] [prev in thread] [next in thread]