K4Rtal

**Name of the Vulnerable Software and Affected Versions** Maian Gallery version 1.0 **Description** A remote file inclusion issue in index.php allows remote attackers to execute arbitrary PHP code via a URL in the `path to folder` parameter. This issue was disputed by a third-party researcher but confirmed by the vendor. **Recommendations** For Maian Gallery version 1.0, update to a version where this issue has been resolved, as the vendor confirmed the problem existed only briefly in this version.