Vulnerabilities > CVE-2007-2076 - Remote Security vulnerability in Maian Gallery 1.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
maian
Summary
PHP remote file inclusion vulnerability in index.php in Maian Gallery 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. NOTE: this issue was disputed by a third party researcher, but confirmed by the vendor, stating "this problem existed only briefly in v1.0."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://archives.neohapsis.com/archives/bugtraq/2007-04/0244.html
- http://attrition.org/pipermail/vim/2007-April/001530.html
- http://www.osvdb.org/34149
- http://www.securityfocus.com/archive/1/465732/100/0/threaded
- http://www.securityfocus.com/archive/1/465853/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33692