Gallery Project: >> Gallery >> 1.2.1 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
CVSS Score
4.3
EPSS Score
0.06
Published
2003-08-27
Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable.
CVSS Score
7.5
EPSS Score
0.039
Published
2001-10-02