Arbitrary File Upload Vulnerability in Image Gallery Web Application 0.9.10

Arbitrary File Upload Vulnerability in Image Gallery Web Application 0.9.10

CVE-2004-1408 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files.

Learn more about our Web App Pen Testing.