Security Vulnerability in Media Gallery v1.4x
- Tuesday, May 15 2007 @ 09:53 am EDT
- Contributed by: mevans
- Views: 8,598

If you do not want to upgrade to the latest version of Media Gallery, you should apply the following patch:
Edit mediagallery/maint/ftpmedia.php
Near the top, immediately before the following line:
require_once($_MG_CONF['path_html'] . 'lib-batch.php');
Add the following code:
// this file can't be used on its own if (strpos ($_SERVER['PHP_SELF'], 'ftpmedia.php') !== false) { die ('This file can not be used on its own.'); }
Save ftpmedia.php. This should resolve the issue.
For more information on other enhancements and fixes to Media Gallery v1.4.8b, please see www.gllabs.org.
Thanks!
Mark