RSS   Vulnerabilities for 'Ivan gallery script'   RSS

2007-04-17
 
CVE-2007-2073

 

 
PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the gallery parameter in a new session.

 
 
CVE-2007-2072

CWE-Other
 

 
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in Ivan Gallery Script 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue has been disputed by third party researchers for 0.3, stating that the dir variable is properly initialized before use.

 


Copyright 2024, cxsecurity.com

 

Back to Top