CVE-2004-1466

Published: 31/12/2004 Updated: 11/07/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The set_time_limit function in Gallery prior to 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote malicious users to upload and execute arbitrary scripts before they are deleted, if the temporary directory is under the web root.

Vulnerable Product

gallery project gallery 1.4.4

Exploits

source: www.securityfocus.com/bid/10968/info

A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the 'set_time_limit' function. The issue presents itself because the 'set_time_limit' function forces the applica ...