Absolute path traversal vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote malicious users to browse arbitrary directories via the path parameter.
source: wwwsecurityfocuscom/bid/17812/info
PhP-Gallery is prone to an information-disclosure vulnerability and a cross-site scripting vulnerability These issues are due to a failure in the application to properly sanitize user-supplied input
An attacker can exploit these vulnerabilities to retrieve arbitrary files from the vulnerable ...