32 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the gallery parameter in a new session...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue has been disputed by third party researchers for 0.3, stating that the dir variable is properly initialized before...
CVE-2007-2073
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the gallery parameter in a new session...
CVE-2007-2072
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue has been disputed by third party researchers for 0.3, stating that the dir variable is properly initialized before...
CVE-2007-2072
CVE-2007-2072 affects Ivan Gallery Script 0.1. The vulnerability is a PHP remote file inclusion in index.php via the dir parameter, allowing a remote attacker to execute arbitrary PHP code. The issue is tied to how dir is used in the script; some sources dispute the claim, contending the dir vari...
CVE-2007-2073
CVE-2007-2073 : A PHP remote file inclusion vulnerability affects Ivan Gallery Script 0.3 (index.php) where the gallery parameter can be supplied via a URL in a new session to execute arbitrary PHP code. According to NVD, the affected vector is NETWORK with LOW attack complexity, no authenticatio...
CVE-2007-2073
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the gallery parameter in a new session...
CVE-2007-2072
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue has been disputed by third party researchers for 0.3, stating that the dir variable is properly initialized before...
PT-2007-3414 · Ivan · Ivan Gallery Script
Name of the Vulnerable Software and Affected Versions: Ivan Gallery Script version 0.1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter in the index.php file. There is a dispute regarding version 0.3, with some researchers stating that th...
Wabbit Gallery Script 0.9 - showpic.php Multiple Cross-Site Scripting Vulnerabilities
Wabbit Gallery Script 0.9 - showpic.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/23526/info Wabbit Gallery Script is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
Wabbit Gallery Script 0.9 - 'showpic.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/23526/info Wabbit Gallery Script is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
phpGalleryScript 1.0 (init.gallery.php include_class) RFI Vulnerability
Exploit for unknown platform in category web applications ======================================================================= phpGalleryScript 1.0 init.gallery.php includeclass RFI Vulnerability ======================================================================= vendor url:...