Intrusion Prevention

TinyWebGallery.Lang.File.Inclusion

Description

This indicates an attack attempt against a Local File Include vulnerability in TinyWebGallery.
The vulnerability exists because the affected software fails to properly sanitize user-supplied input. This could allow remote attackers to execute arbitrary code via sending a crafted web page.

Affected Products

TinyWebGallery 1.7.6 is vulnerable; other versions may also be affected.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version TinyWebGallery WG 1.7.7

CVE References

CVE-2009-1911