Gallery · Gallery 2.0 · CVE-2005-3251
**Name of the Vulnerable Software and Affected Versions**
Gallery 2.0 (G2)
**Description**
A directory traversal issue in the gallery script allows remote attackers to read or include arbitrary files by using ".." sequences in the `g2 itemId` parameter.
**Recommendations**
For Gallery 2.0 (G2), avoid using the `g2 itemId` parameter with ".." sequences until a patch is available. As a temporary workaround, consider restricting access to the gallery script to minimize the risk of exploitation.