imageVue is an online gallery for viewing images in a good-looking, yet functional layout. It is easy to setup - and to update your gallery with new images , you only have to upload them to your server. Everything else is automatic… Features Overview: - Simply create folders and upload your images - Automatic thumbnails created on server - ImageVue gallery can be loaded into other Flash presentations as subitems. - Add descriptions to any image with the admin - Altering the visual appearance, changing text attributes, colors and effect styles can all be done in the configuration file config.xml. - All sourcefiles are included - No limit on amount of images
ImageVue 1.6.1有漏洞 2006.Feb.11 imageVue16.1 upload vulnerability zjieb[at]hotmail.com ImageVue is an online Flash gallery for viewing images. For more information about ImageVue visit http://www.imagevuex.com Credits: me Vulnerable Systems: imageVue16.1 In ImageVue one can upload images to the Gallery. The upload-script however isn't checking credentials nor does it check file extensions i.e. it's possible for any user to upload any file as long as the 'right' permissions have been set for the uploading folder. Exploit: 1) check folder permissions http://[target]/dir.php An XML-document is shown containing all folders and their permissions. 2) upload a file to a folder from the XML http://[target]/admin/upload.php?path=../[foldername] Now you're ready to upload any file. Other vulnerabilities: 1) view dir listings http://[target]/readfolder.php?path=[path]&ext=[extension] 2) querystring is passed to style and body http://[target]/index.php?bgcol=[input]