Gallery 3.06 - Unauthenticated File Upload PHP Code Execution



Proof of Concept
The vulnerable file was:

http://www.example.com/wp-content/plugins/gallery-plugin/upload/php.php

Affects Plugin

Fixed in version 3.1.1

References

EXPLOITDB 18998

Classification

Type UPLOAD
CWE CWE-434

Miscellaneous

Original Researcher Sammy FORGIT
Views 5652
Verified No
WPVDB ID 6221

Timeline

Publicly Published 2012-06-01 (over 7 years ago)
Added 2014-08-01 (over 5 years ago)
Last Updated 2020-02-27 (about 13 hours ago)
