Gallery Project : Security Vulnerabilities, CVEs, Published In 2002
publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
0.32%
Published
2002-12-31
Updated
2008-09-05
PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter.
Max CVSS
7.5
EPSS Score
1.22%
Published
2002-12-31
Updated
2017-07-11
2 vulnerabilities found