publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.
References
Configurations
History
20 Nov 2024, 23:42
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/bugtraq/2002-12/0260.html - Patch, Vendor Advisory | |
References | () http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=64&mode=thread&order=0&thold=0 - | |
References | () http://www.iss.net/security_center/static/10943.php - | |
References | () http://www.securityfocus.com/bid/6489 - Patch |
Information
Published : 2002-12-31 05:00
Updated : 2024-11-20 23:42
NVD link : CVE-2002-2130
Mitre link : CVE-2002-2130
CVE.ORG link : CVE-2002-2130
JSON object : View
Products Affected
gallery_project
- gallery
CWE