CVE-2008-0251

Photopost Vbgallery < 2.4.1 - Code Injection

Title source: rule

Description

Unrestricted file upload vulnerability in PhotoPost vBGallery before 2.4.2 allows remote attackers to upload and execute arbitrary files via unknown vectors.

Exploits (1)

exploitdb WRITEUP

webappsphp

https://www.exploit-db.com/exploits/6082

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/28430

[Various Sources] http://www.photopost.com/forum/showthread.php?t=134909

[Various Sources] http://www.photopost.com/forum/showthread.php?t=134910

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/39621

Scores

EPSS 0.0314

EPSS Percentile 86.9%

Details

CWE

CWE-20 CWE-94

Status published

Products (1)

photopost/photopost_vbgallery < 2.4.1

Published Jan 12, 2008

Tracked Since Feb 18, 2026