• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Gallery Multiple Remote Vulnerabilities

Gallery is prone to multiple remote vulnerabilities:

1. A command-execution vulnerability
2. A cross-site scripting issue
3. A security-bypass vulnerability
4. An authentication-bypass vulnerability
5. A local file-include vulnerability
UPDATE (August 8, 2008): This issue is now covered by BID 30608 (Gallery 'modules.php' Local File Include Vulnerability).

6. A denial-of-service issue
7. An unspecified information-disclosure vulnerability
8. A username-enumeration weakness

Exploiting these issues could allow an attacker to view sensitive information, execute arbitrary script code within the context of the browser, compromise the application, and modify data. Other attacks are also possible.

Versions prior to Gallery 1.5.8 are vulnerable.