2 matches found
CVE-2009-4614
MoA Gallery 1.2.0 and earlier are affected by multiple PHP remote file inclusion flaws. By supplying a URL in the MOA_PATH parameter to 18 PHP sources (e.g., _error_funcs.php, _template_parser.php, page_sitemap.php, etc.), an attacker can cause arbitrary PHP code execution on affected systems. Th...
CVE-2009-4627
CVE-2009-4627 : Directory traversal in Moa Gallery 1.2.0 and earlier. The issue occurs in sources/_template_parser.php via the p_filename parameter, where a ".." path segment enables reading arbitrary files. This is a targeted file access vulnerability in Moa Gallery, with no remediation details ...