Gallery photo album package prior to 1.3.1 allows local and possibly remote malicious users to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gallery project gallery |