XOOPS Web Application System (https://xoops.org)
Powered by You!
XoopsGallery Module 'init_basic.php' Remote File Include Vulnerability
Category : Security
| Published by phppp on 10-Jan-2008 03:15
XoopsGallery is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
XoopsGallery 1.3.3.9 has been confirmed vulnerable.
we advise you to upgrade to XoopsGallery 2.1+ or inactivate the module
immediately until this issue is solved.
Thank SecurityFocus, Eugene Minaev and
Northern .