| Field | Value |
| --- | --- |
| VID | 22057 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description | The PHP-Nuke service has a bugged version of the 'Gallery' add-on which allows attackers to read arbitrary files on the web server. Bharat Mediratta Gallery is a free, open source web-based photo album which may be used as an add-on for the PHP-Nuke web portal. Due to insufficient validation of user-supplied input, the 'Gallery' module allows a remote attacker to read arbitrary files on the web server via a specially crafted web request which contains '../' sequences. |
| Recommendation | Disable this add-on if not needed. -- OR -- Use the "escapeshell" functions included with PHP. -- OR -- Upgrade to a new release of 'Gallery', v1.2.3, from: http://sourceforge.net/project/showfiles.php?group_id=7130&release_id=62216 |
| Related URL | CVE-2001-0900 (CVE) |
| Related URL | 3554 (SecurityFocus) |
| Related URL | 7580 (ISS) |
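The description above attributes the flaw to a file name taken from the request and used without validation, so '../' sequences escape the album directory. The following is an added illustration of the input validation the record calls for; it is not code from Gallery or PHP-Nuke, and the function name `resolveAlbumFile`, the parameter names and the temporary demo album it builds are all assumptions made for the example. The check canonicalises the requested path with `realpath()` and only accepts it if the result still lies inside the album directory, which covers '../' sequences, absolute paths and symlinks that point outside.

```php
<?php
// Added example (not Gallery or PHP-Nuke code): confine a user-supplied
// album file name to the album directory so that '../' sequences, absolute
// paths or symlinks cannot reach files outside it.
// $albumDir and $requested are hypothetical parameter names.

function resolveAlbumFile(string $albumDir, string $requested): ?string
{
    // Reject NUL bytes up front: they truncate the path in C-level calls
    // and would let a later suffix check be bypassed.
    if (strpos($requested, "\0") !== false) {
        return null;
    }

    // Canonical form of the album directory itself.
    $base = realpath($albumDir);
    if ($base === false) {
        return null;            // album directory does not exist
    }

    // realpath() collapses '.', '..' and symlinks and returns false when the
    // target does not exist, so only real files can pass this point.
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($candidate === false) {
        return null;
    }

    // The resolved path must start with the album directory plus a separator;
    // comparing with a trailing separator also rejects sibling directories
    // that merely share the prefix (e.g. "album2" next to "album").
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;            // traversal attempt: resolved outside the album
    }

    return $candidate;
}

// Demonstration with a constructed temporary album layout.
$albumDir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'gallery_demo_album';
@mkdir($albumDir, 0700, true);
file_put_contents($albumDir . DIRECTORY_SEPARATOR . 'photo1.jpg', 'constructed image bytes');
file_put_contents(dirname($albumDir) . DIRECTORY_SEPARATOR . 'outside.txt', 'not served');

var_dump(resolveAlbumFile($albumDir, 'photo1.jpg'));        // legitimate request
var_dump(resolveAlbumFile($albumDir, '../outside.txt'));    // traversal, rejected
var_dump(resolveAlbumFile($albumDir, "photo1.jpg\0.txt"));  // NUL injection, rejected
var_dump(resolveAlbumFile($albumDir, 'missing.jpg'));       // non-existent file, rejected
```

Because `realpath()` only succeeds for paths that exist, the function doubles as an allow-list of real album files; the caller should treat a `null` return as a 404 and log the rejected value, since repeated '../' requests against a gallery endpoint are a useful detection signal for this class of probe.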