ID de Prueba:	1.3.6.1.4.1.25623.1.0.11876
Categoría:	CGI abuses
Título:	gallery code injection (2)
Resumen:	NOSUMMARY
Descripción:	Description: It is possible to make the remote host include php files hosted on a third party server using Gallery. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. Solution : Upgrade to Gallery 1.4pl2 or 1.4.1 or newer Risk factor : High
Referencia Cruzada:	BugTraq ID: 8814 Common Vulnerability Exposure (CVE) ID: CVE-2003-1227 http://www.securityfocus.com/bid/8814 Bugtraq: 20031011 Gallery 1.4 including file vulnerability (Google Search) http://www.securityfocus.com/archive/1/341044 Bugtraq: 20031011 RE: Gallery 1.4 including file vulnerability (Google Search) http://www.securityfocus.com/archive/1/341094 Bugtraq: 20031012 Re: Gallery 1.4 including file vulnerability (Google Search) http://www.securityfocus.com/archive/1/341098 XForce ISS Database: gallery-indexphp-file-include(13419) https://exchange.xforce.ibmcloud.com/vulnerabilities/13419
Copyright	This script is Copyright (C) 2003 Tenable Network Security

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.