FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gallery -- remote code injection via HTTP_POST_VARS

Affected packages
		gallery	<	1.4.1.1

Details

VuXML ID	12b1a62d-6056-4d90-9e21-45fcde6abae4
Discovery	2004-01-27
Entry	2005-06-17

A web server running Gallery can be exploited for arbitrary PHP code execution through the use of a maliciously crafted URL.

References

CVE Name	CVE-2004-2124
Message	0c0a01c3e525$1c0ed2b0$c90c030a@bmedirattatg

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.