TinyWebGallery Remote Code Execution Exploit

This module exploits a TinyWebGallery local file-include vulnerability because TinyWebGallery fails to properly sanitize user-supplied input. The module takes advantage of the logging capabilities of the attacked software to remotely execute arbitrary code.
Vulnerabilty ID: 
CVE-2009-1911
Product Version: 
11.0
Released Date: 
Friday, January 21, 2011 - 00:00