CVE Vulnerabilities

CVE-2001-1234

Published: Oct 02, 2001 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable.

Affected Software

Name Vendor Start Version End Version
Gallery Gallery_project 1.1 1.1
Gallery Gallery_project 1.2 1.2
Gallery Gallery_project 1.2.1 1.2.1

References