Photo Gallery Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the photo-gallery\photo-gallery.php script allows access to filemanager\UploadHandler.php. The post() method in UploadHandler.php
f02ad987ed7f1dad396989d5468e155f2bca868059ecd59d3ac73240b22cd297
Photo Gallery version 1.2.5 suffers from a remote shell upload vulnerability.
cccaa6d7d8925aad8a70eeff4842b9b5c3c554891b45ac03b8d34ce6dcd33cff