RSS   Vulnerabilities for 'Planetgallery'   RSS

2006-07-24
 
CVE-2006-3676

CWE-Other
 

 
admin/gallery_admin.php in planetGallery before 14.07.2006 allows remote attackers to execute arbitrary PHP code by uploading files with a double extension and directly accessing the file in the images directory, which bypasses a regular expression check for safe file types.

 
2006-05-01
 
CVE-2006-2116

CWE-Other
 

 
planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php.

 

 >>> Vendor: Planet concept 4 Products
Planetsearch+
Planetgallery
Planetstat
Planetnews


Copyright 2024, cxsecurity.com

 

Back to Top