Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote malicious users to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
brunetton littlephpgallery 1.0.2 |