RSS   Vulnerabilities for 'Easy gallery'   RSS

2006-10-11
 
CVE-2006-5241

CWE-Other
 

 
Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Gallery 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) file.php; (2) find_user.php, (3) lib_user.php, (4) lib_form_user.php, and (5) user.php in sw/lib_user/; (6) find_session.php and (7) session.php in sw/lib_session/; (8) comment.php and (9) lib_comment.php in sw/lib_comment/; and other unspecified PHP scripts.

 

 >>> Vendor: Opendock 3 Products
Easy gallery
Easy doc
Easy blog


Copyright 2024, cxsecurity.com

 

Back to Top