3 matches found
FreeBSD Ports: gallery2
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Gallery main.php g2_itemId Parameter Traversal Arbitrary File Access
The version of Gallery hosted on the remote web server fails to sanitize user-supplied input to the 'g2itemId' parameter of the 'main.php' script before using it to read cached files. If PHP's 'displayerrors' setting is enabled, an attacker can exploit this flaw to read arbitrary files on the...
CVE-2005-3251
CVE-2005-3251 is a directory traversal flaw in Gallery 2.0 (G2) where the g2_itemId parameter of main.php can be crafted by an attacker to read/include arbitrary files. Multiple OpenVAS/Nessus-derived feeds corroborate a read-access vulnerability affecting Gallery 2.x deployments, with the issue ...