"Gallery 3.0 (and beta versions) have a security vulnerability where
users with upload permissions can bypass file type restrictions and
upload files of any type to the remote system. This vulnerability only
affects installations where you've granted upload permissions to users
you don't fully trust. Those users could then gain remote access to your
system. We strongly recommend that you upgrade immediately. However, if
you wish to close the hole without upgrading you can replace or patch
modules/gallery/models/item.php with a newer version."
It is recommended that Gallery users update to v3.0.1 or replace/patch
the item.php script as mentioned.