CVE-2007-6686 Information

Description

The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=203217 http://gallery.menalto.com/gallery_2.2.4_released http://osvdb.org/41674 http://secunia.com/advisories/28898 http://security.gentoo.org/glsa/glsa-200802-04.xml