Gallery Project: >> Gallery >> 1.0 Security Vulnerabilities
Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs."
CVSS Score
5.0
EPSS Score
0.006
Published
2006-08-16
Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.
CVSS Score
7.5
EPSS Score
0.163
Published
2003-04-11