Ivan Gallery Script : Security Vulnerabilities, CVEs,
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the gallery parameter in a new session.
Max CVSS
7.5
EPSS Score
0.61%
Published
2007-04-18
Updated
2008-11-13
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue has been disputed by third party researchers for 0.3, stating that the dir variable is properly initialized before use
Max CVSS
7.5
EPSS Score
1.53%
Published
2007-04-18
Updated
2024-03-21
2 vulnerabilities found