PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xoops xoopsgallery module 1.3.3_9 |