Nuked Gallery Vulnerability
Date: Wednesday, January 04, 2012 @ 12:29:27 EST
Topic: Security Vulnerabilities

We have today identified a vulnerability in all known versions of NukedGallery, specifically the 'port' of Gallery 2 for PHP-Nuke / RavenNuke.
Under certain circumstances, limitations set by a hosting provider trigger the vulnerability, which can disclose sensitive information.

Code Authors clients whom we have installed this script for have already had their sites modified free of charge to prevent this information disclosure and fix a weakness in the ported Gallery 2 script. Other clients have already been notified via email.
Further information is available to those we know who use this ported script via mail or PM.









This article comes from Code Authors
http://www.code-authors.com

The URL for this story is:
http://www.code-authors.com/modules.php?name=News&file=article&sid=179