In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.
Webgalamb suffers from remote code execution, cross site request forgery, cross site scripting, information leakage, and remote SQL injection vulnerabilities.