2006-11-22 02:00:00
mitre
PUBLISHED
index.php in mAlbum 0.3 and earlier allows remote attackers to obtain the installation path via an invalid gal parameter.