Gallery 1.4 index.php Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8814/info It has been reported that Gallery is prone to a remote file include vulnerability in the index.php script file. The problem occurs due to the program failing to verify the location in which it includes the...

CVE-2006-5241

CVE-2006-5241 affects OpenDock Easy Gallery ≤ 1.4. Multiple PHP remote file inclusion (RFI) flaws arise when register_globals is enabled. An attacker can cause the application to load arbitrary PHP code by passing a URL in the doc_directory parameter across several scripts (sw/lib_user/file.php, ...

CVE-2003-1227

Technical details for CVE-2003-1227 are not provided in the supplied documents. Please monitor for updates from official advisories and vendor notices.

CVE-2003-1227

PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERYBASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue...

CVE-2003-1227

PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERYBASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue...