← back
CVE-2001-1234

CVE-2001-1234

EPSS 3.5%
Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.htmlhttp://prdownloads.sourceforge.net/gallery/gallery-1.2.5.tar.gzhttp://www.iss.net/security_center/static/7215.phphttp://www.osvdb.org/1967http://www.securityfocus.com/bid/3397