The Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR commands, which has unknown impact and attack vectors.Referenceshttp://gallery.menalto.com/gallery_2.2.4_releasedhttp://security.gentoo.org/glsa/glsa-200802-04.xmlhttp://osvdb.org/41668http://secunia.com/advisories/28898http://bugs.gentoo.org/show_bug.cgi?id=203217
