PhpWebGallery prior to 1.6.0RC1 allows remote malicious users to obtain arbitrary pictures via a request to picture.php without specifying the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpwebgallery phpwebgallery 1.5.1 |
||
phpwebgallery phpwebgallery 1.0 |
||
phpwebgallery phpwebgallery 1.4.1 |