PT-2010-3737 · Jv2 · Jv2 Folder Gallery

Sn!Per.S!Te Hacker

Published

2010-06-01

Updated

2017-08-17

CVE-2010-2127

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions JV2 Folder Gallery version 3.1

Description A remote file inclusion issue in the gallery.php file of JV2 Folder Gallery allows remote attackers to execute arbitrary PHP code via a URL in the lang file parameter.

Recommendations For JV2 Folder Gallery version 3.1, consider restricting access to the gallery.php file or the lang file parameter to minimize the risk of exploitation until a patch is available.

Exploit

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2010-2127

Affected Products

Jv2 Folder Gallery

PT-2010-3737 · Jv2 · Jv2 Folder Gallery

CVE-2010-2127

Weakness Enumeration

Related Identifiers

Affected Products

References · 6