files.photo.gallery 0.3.0-0.11.0 - Remote Code Execution via Video Thumbnail Rendering
A command injection vulnerability in the video thumbnail rendering component of Karl Ward's files.gallery v0.3.0 through 0.11.0 allows remote attackers to execute arbitrary code via a crafted video file.