CVE-2006-1126
Gallery 2 up to 2.0.2 has an IP-spoofing flaw where a remote attacker can spoof X-Forwarded-For, which is trusted over REMOTE_ADDR. Affected: Gallery 2.x prior to 2.0.3. Root cause: server uses X_FORWARDED_FOR in IP checks. Impact: potential partial confidentiality/integrity exposure; possible fo...