[geeklog-users] Geeklog/Gallery vulnerability
Jason Signalness
jason at btiadmin.net
Tue Dec 9 17:18:04 EST 2003
Hello,
This article worries me a bit:
http://www.securityfocus.com/guest/24043
Have the issues addressed within it been resolved in any patch, etc, for
Geeklog/Gallery?
The vulerability discussed allowed me to write arbitrary data to the
server's hard disk, run all kinds of shell commands, and get the output
back in my browser. Worrying to be sure.
Thanks,
Jason
More information about the geeklog-users
mailing list