admin/gallery_admin.php in planetGallery prior to 14.07.2006 allows remote malicious users to execute arbitrary PHP code by uploading files with a double extension and directly accessing the file in the images directory, which bypasses a regular expression check for safe file types.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
planet concept planetgallery |