PlanetGallery Gallery_Admin.PHP Arbitrary File Upload Vulnerability

info
discussion
exploit
solution
references

PlanetGallery Gallery_Admin.PHP Arbitrary File Upload Vulnerability

planetGallery is prone to an arbitrary file-upload vulnerability.

An attacker can exploit this vulnerability to upload malicious script code that will be executed in the context of the webserver.

An attacker can exploit this issue by uploading and executing malicious PHP scripts.

Versions 22.05.2006 and prior are vulnerable to this issue.