CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-2130
https://notcve.org/view.php?id=CVE-2002-2130
publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0260.html http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=64&mode=thread&order=0&thold=0 http://www.iss.net/security_center/static/10943.php http://www.securityfocus.com/bid/6489 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 1CVE-2001-1234
https://notcve.org/view.php?id=CVE-2001-1234
Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html http://prdownloads.sourceforge.net/gallery/gallery-1.2.5.tar.gz http://www.iss.net/security_center/static/7215.php http://www.osvdb.org/1967 http://www.securityfocus.com/bid/3397 •