Lumension® Endpoint Intelligence Center



Vulnerability Score 7.5
CVE Id CVE-2004-1466
Last Modified 05 Sep 2008 04:41:28
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The set_time_limit function in Gallery before 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote attackers to upload and execute arbitrary scripts before they are deleted, if the temporary directory is under the web root.

Vulnerable Systems


  • Gallery Project Gallery 1.4.4


BID - 10968

GENTOO - GLSA-200409-05


XF - gallery-savephotos-file-upload(17021)

FULLDISC - 20040817 Gallery 1.4.4 save_photos.php PHP Insertion Proof of Concept

Last Updated: 27 May 2016 10:39:02