[Full-disclosure] FWD: PhotoPost vBGallery ImportantSecurity Bulletin

[php0t]

From: "trains" <trains at doctorunix.com>
> The "AddType" statement for php is normally system-wide, which means
> the web server will execute php scripts that may be found in the
> upload directory.  This can be fixed multiple ways:

They will just place an .htaccess and do addtype themselves.
"php_admin_flag engine off" will probably render most of the issues you 
mentioned useless in one shot.

p.