CVE-2005-0375

Name of the Vulnerable Software and Affected Versions SGallery version 1.01

Description The issue allows remote attackers to obtain sensitive information via an HTTP request. This is achieved by sending a request with idalbum and idimage unset, which reveals the installation path in an error message for the sql fetch row function.

Recommendations For SGallery version 1.01, consider restricting access to the imageview.php file until a patch is available. As a temporary workaround, avoid using unset idalbum and idimage parameters in requests to prevent the disclosure of sensitive information.