Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gallery远程任意代码执行漏洞
Vulnerability Description
Gallery是一款开放源代码图象管理系统。 Gallery新增的允许用户使用Windows XP发布子系统发布图象到WEB库的功能对用户输入缺少正确检查,远程攻击者可以利用这个漏洞包含远程服务器上任意文件,以WEB进程权限在系统上执行任意命令。 'publish_xp_docs.php'脚本用于用户使用Windows XP发布子系统(Publishing subsytem)发布图象到他们的基于WEB的图库中,其中会尝试包含'init.php'文件,不过使用未初始化的PHP变量进行路径指定,远程攻击者可以
CVSS Information
N/A
Vulnerability Type
N/A