exploitdb
WRITEUP
VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/10705
This is a writeup describing a Remote File Inclusion (RFI) vulnerability in Gallery V 2.3. It provides two URLs where the vulnerability can be exploited by injecting malicious code via the 'className' and 'ADODB_LANG' parameters.
Classification
Writeup 90%
Target:
Gallery V 2.3
No auth needed
Prerequisites:
Access to the target server · Ability to craft malicious URLs