Date: Thu, 7 Sep 2000 02:38:08 +0300
From: pestilence <pestilence@SYNNERGY.GR>
Subject: PhotoAlbum 0.9.9 explorer.php Vulnerability
To: BUGTRAQ@SECURITYFOCUS.COM

Affected program: PhotoAlbum v 0.9.9 (previous ???)

Vulnerability:

The problem is located within the explorer.php script. Any user is able to pass a directory as a request to the script; the script will read the directory and output all files in it to which it has read access.

For instance:

http://www.phpphotoalbum.com/products/phpPhotoAlbum/explorer.php?folder=../../../../../../../etc/

will reveal all the files located in the specified directory.

Synnergy Networks
==============================
http://www.synnergy.net

Kostas Petrakis aka Pestilence
pestilence@synnergy.net
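
One way to confine the folder parameter described above to the album tree before any directory is read. This is an added example, not part of the original advisory and not PhotoAlbum's code; the function name resolve_album_folder(), the directory layout and the sample request values are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helper, not PhotoAlbum's code.
// Resolves a user-supplied "folder" value and returns the canonical path
// only if it is a directory at or below $base; otherwise returns null.
function resolve_album_folder(string $base, string $requested): ?string
{
    $baseReal = realpath($base);
    if ($baseReal === false || strpos($requested, "\0") !== false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks, and fails for missing paths.
    $target = realpath($baseReal . DIRECTORY_SEPARATOR . $requested);
    if ($target === false || !is_dir($target)) {
        return null;
    }
    // Compare with a trailing separator so "/albums-old" does not match "/albums".
    $prefix = rtrim($baseReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($target !== $baseReal && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// Constructed sample tree so the example runs offline (php example.php).
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'album_demo_' . getmypid();
mkdir($root . '/albums/holiday', 0700, true);
mkdir($root . '/albums-old', 0700, true);
touch($root . '/albums/holiday/beach.jpg');

$base = $root . '/albums';
// Constructed request values for the folder parameter.
$samples = ['holiday', 'holiday/../holiday', '', '../albums-old',
            '../../../../../../../etc/', 'missing'];

foreach ($samples as $folder) {
    $dir = resolve_album_folder($base, $folder);
    if ($dir === null) {
        printf("%-30s -> rejected\n", var_export($folder, true));
        continue;
    }
    // Only list the directory after the containment check has passed.
    $files = array_values(array_diff(scandir($dir), ['.', '..']));
    printf("%-30s -> %s\n", var_export($folder, true), implode(', ', $files));
}
```

The check is made on the canonical path rather than on the raw string, so it does not depend on filtering "../" sequences out of the input.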