← Back

0.1.0

Vendor: Carlos Eduardo Sotelo Pinto • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2010-1737
1Carlos Eduardo Sotelo Pinto
10.1.0
Apr 29, 2026
May 6, 2010
N/A· v4
N/A· v3
6.8 MEDIUM· v2
PHP remote file inclusion vulnerability in core/includes/gfw_smarty.php in Gallo 0.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[gfwroot] parameter.