PostNuke

Flexible Content Management System

News

My_eGallery injection vulnerability

Contributed by on Mar 23, 2004 - 05:57 AM

They are forcing the basepath which is a global in that module.



[exact process edited]



Here's the report and link to the fix http://www.securiteam.com/unixfocus/6Y00M208UK.html
3684
Footnote: 1