CVE-2002-1412

2004-09-0104:00:00

mitre

www.cve.org

AI Score

7.2

Confidence

Low

EPSS

0.192

Percentile

96.4%

JSON

Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.

References

archives.neohapsis.com/archives/bugtraq/2002-07/0471.html

gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=50&mode=thread&order=0&thold=0

www.debian.org/security/2002/dsa-138

www.securityfocus.com/bid/5375

exchange.xforce.ibmcloud.com/vulnerabilities/9737