CVE-2007-0082

CVE-2007-0082 is a medium-severity vulnerability in Imgallery with a CVSS 2.0 base score of 6.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts.

Frequently asked questions

What is CVE-2007-0082?
users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts.
How severe is CVE-2007-0082?
CVE-2007-0082 has a CVSS 2.0 base score of 6.5, rated medium severity.
Is CVE-2007-0082 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (78th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2007-0082?
CVE-2007-0082 primarily affects Imgallery. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
How do I fix CVE-2007-0082?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2007-0082 published?
CVE-2007-0082 was published on 2007-01-05 and last updated on 2026-06-16.

References

Affected products (2)

More vulnerabilities in Imgallery

All CVEs affecting Imgallery →