icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Gallery < 2.0.4 Watermark Function stepOrder Parameter Local File Inclusion

Medium

Synopsis

The remote web server contains a PHP application that is affected by multiple local file include flaws.

Description

The remote host is running Gallery, a web-based photo album application written in PHP. The version of Gallery installed on the remote host fails to sanitize input to the 'stepOrder' parameter of the 'upgrade/index.php' and 'install/index.php' scripts before using it in a PHP 'require()' function. An unauthenticated attacker may be able to exploit this issue to view arbitrary files or to execute arbitrary PHP code on the affected host provided PHP's 'register_globals' setting is enabled.

Solution

Upgrade to version 2.0.4 or higher.