cbcvebase.
CVE-2002-1412
published 2003-04-11

CVE-2002-1412: Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that…

PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
39.50%
98.4th percentile
Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.

Affected

7 ranges
VendorProductVersion rangeFixed in
gallery_projectgallery<= 1.3.1
gallery_projectgallery
gallery_projectgallery
gallery_projectgallery
gallery_projectgallery
gallery_projectgallery
gallery_projectgallery
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.