Back to search
CVE-2003-1227
Published: Aug 16, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue might be exploitable only during installation, or if the administrator has not run a security script after installation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
gallery-indexphp-file-include(13419)
vdb-entry
x_refsource_XF
8814
vdb-entry
x_refsource_BID
20031012 Re: Gallery 1.4 including file vulnerability
mailing-list
x_refsource_BUGTRAQ
20031011 RE: Gallery 1.4 including file vulnerability
mailing-list
x_refsource_BUGTRAQ
20031011 Gallery 1.4 including file vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now