4 matches found
Debian DSA-138-1 : gallery - remote exploit
A problem was found in gallery a web-based photo album toolkit: it was possible to pass in the GALLERYBASEDIR variable remotely. This made it possible to execute commands under the uid of web-server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
CVE-2002-1412
CVE-2002-1412 affects Gallery (Gallery project photo album) prior to 1.3.1. Affected component is the GALLERY_BASEDIR handling in the Gallery codebase. The underlying issue allows local and possibly remote attackers to execute arbitrary code by supplying a modified GALLERY_BASEDIR that points to ...
CVE-2002-1412
Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERYBASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script...
Immunity Canvas: GALLERY1_INCLUDE
Name| gallery1include ---|--- CVE| CVE-2002-1412 Exploit Pack| CANVAS Description| Gallery 1.2.5 = Remote File Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: GNU CVE Url: https://vulners.com/cve/CVE-2002-1412 CVE Name: CVE-2002-1412...