Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via .. sequences in the g2_itemId parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gallery | Gallery_project | 2.0_alpha4 | 2.0_alpha4 |
Gallery | Gallery_project | 2.0_beta2 | 2.0_beta2 |
Gallery | Gallery_project | 2.0_beta1 | 2.0_beta1 |
Gallery | Gallery_project | 2.0_alpha2 | 2.0_alpha2 |
Gallery | Gallery_project | 2.0_alpha1 | 2.0_alpha1 |
Gallery | Gallery_project | 2.0_beta3 | 2.0_beta3 |
Gallery | Gallery_project | 2.0 | 2.0 |
Gallery | Gallery_project | 2.0_alpha3 | 2.0_alpha3 |