VYPR

Ralf Image Gallery

by Le Ralf

CVEs (2)

  • CVE-2006-3210Jun 24, 2006
    risk 0.04cvss epss 0.13

    Ralf Image Gallery (RIG) 0.7.4 and other versions before 1.0, when register_globals is enabled, allows remote attackers to conduct PHP remote file inclusion and directory traversal attacks via URLs or ".." sequences in the (1) dir_abs_src parameter in (a) check_entry.php, (b)…

  • CVE-2007-4127Aug 1, 2007
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in check_entry.php in Ralf Image Gallery (RIG), aka Raphael Moll RIG Image Gallery, 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir_abs_src parameter. NOTE: this issue is disputed by multiple third parties,…