JV2 Folder Gallery Source Code Information Disclosure Vulnerability
BID:22053
Info
JV2 Folder Gallery Source Code Information Disclosure Vulnerability
| Bugtraq ID: | 22053 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 20 2006 12:00AM |
| Updated: | Jan 15 2007 11:10PM |
| Credit: | SaO is credited with the discovery of this vulnerability. |
| Vulnerable: |
JV2 JV2 Folder Gallery 3.0 |
| Not Vulnerable: | |
Discussion
JV2 Folder Gallery Source Code Information Disclosure Vulnerability
JV2 Folder Gallery is prone to a source-code information-disclosure vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserver process. Information obtained may aid in further attacks.
JV2 Folder Gallery is prone to a source-code information-disclosure vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserver process. Information obtained may aid in further attacks.
Exploit / POC
JV2 Folder Gallery Source Code Information Disclosure Vulnerability
Attackers can exploit this vulnerability with a standard web browser.
Sample exploit code has been provided:
Attackers can exploit this vulnerability with a standard web browser.
Sample exploit code has been provided:
Solution / Fix
JV2 Folder Gallery Source Code Information Disclosure Vulnerability
Solution:
Currently we are not aware of any fixes for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any fixes for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].