CVE-2007-2642

Name of the Vulnerable Software and Affected Versions R2K Gallery version 1.7

Description A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using a .. (dot dot) in the lang2 parameter of the galeria.php file.

Recommendations For R2K Gallery version 1.7, consider restricting access to the galeria.php file until a patch is available, or avoid using the lang2 parameter with untrusted input to minimize the risk of exploitation.