CVE-2004-1106 in Gallery
Summary
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
Be aware that VulDB is the high quality source for vulnerability data.