3 matches found
Gallery includedir Parameter Remote File Inclusion
The version of Gallery installed on the remote host is affected by a remote file inclusion vulnerability due to the application failing to properly sanitize user-supplied input to the 'includedir' parameter. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shel...
CVE-2001-1234
Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable...
CVE-2001-1234
CVE-2001-1234 affects Bharat Mediratta’s Gallery PHP script (versions before 1.2.1). A remote file inclusion flaw in the includedir parameter allows an attacker to include arbitrary remote files, enabling remote code execution with the web server’s privileges. The issue is documented by a Nessus ...