Gallery 3.06 - Unauthenticated File Upload PHP Code Execution

Proof of Concept

The vulnerable file was:

http://www.example.com/wp-content/plugins/gallery-plugin/upload/php.php

Affects Plugin

Gallery by BestWebSoft

fixed in version 3.1.1

References

ExploitDB

18998

Classification

Type	UPLOAD
CWE	CWE-434

Miscellaneous

Original Researcher	Sammy FORGIT
Views	5709
Verified	No
WPVDB ID	6221

Timeline

Publicly Published	2012-06-01 (about 8 years ago)
Added	2014-08-01 (almost 6 years ago)
Last Updated	2020-02-27 (5 months ago)

Our Other Services

Online WordPress Vulnerability Scanner

WPScan WordPress Security Plugin