3 matches found
Immunity Canvas: MYGALLERY_REMOTE
Name| mygalleryremote ---|--- CVE| CVE-2007-2426 Exploit Pack| CANVAS Description| WordPress Plugin MyGallery Remote Include Notes| CVE Name: CVE-2007-2426 VENDOR: MyGallery CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2426 Repeatability: Infinite CVSS: 7.5...
CVE-2007-2426
PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in the myGallery 1.4b4 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the myPath parameter...
CVE-2007-2426
The vulnerability CVE-2007-2426 affects the MyGallery WordPress plugin (versions 1.4b4 and earlier) where mygallerybrowser.php does not sanitize the myPath parameter, enabling PHP remote file inclusion. An attacker can supply a URL to cause the server to include and execute arbitrary PHP code, po...