Intrusion Prevention



This indicates a possible attempt to exploit one of several vulnerabilities that have been identified in Photokorn.
These vulnerabilities are due to input validation errors in various scripts (for example "includes/" and "extras/ext_cats.php") that do not validate the "dir_path" parameter. They could be exploited by remote attackers to include malicious scripts and execute arbitrary commands with the privileges of the web server.

Affected Products

Photokorn version 1.52 and prior.


System compromise: remote code execution.

Recommended Actions

Upgrade to version 1.6 :

CVE References