Lucene search
K

7 matches found

Cvelist
Cvelist
added 2013/10/10 12:0 a.m.39 views

CVE-2013-2241

modules/gallery/helpers/datarest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information image files via the "full" string in the size parameter...

6AI score0.01566EPSS
Exploits0References6
CVE
CVE
added 2013/10/10 12:0 a.m.57 views

CVE-2013-2241

The CVE-2013-2241 issue affects Gallery3 before 3.0.9, where data_rest.php could bypass access restrictions via the size parameter with the string “full,” allowing an attacker to access sensitive image files. The vulnerability is rooted in improper access control checks in the data_rest core modu...

5CVSS6.2AI score0.01566EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2013/08/20 12:0 a.m.21 views

Fedora Update for gallery3 FEDORA-2013-12384

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02707EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/07/16 12:0 a.m.23 views

Fedora 19 : gallery3-3.0.9-1.fc19 (2013-12384)

Fixes for CVE-2013-2240, CVE-2013-2241. A security flaw was found in the way flowplayer SWF file handling functionality of Gallery version 3, an open source project with the goal to develop and support leading photo sharing web application solutions, processed certain URL fragments passed to this...

7.5CVSS5.6AI score0.02707EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2013/07/16 12:0 a.m.22 views

Fedora 17 : gallery3-3.0.9-1.fc17 (2013-12441)

Fixes for CVE-2013-2240, CVE-2013-2241. A security flaw was found in the way flowplayer SWF file handling functionality of Gallery version 3, an open source project with the goal to develop and support leading photo sharing web application solutions, processed certain URL fragments passed to this...

7.5CVSS5.6AI score0.02707EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2013/07/16 12:0 a.m.17 views

Fedora Update for gallery3 FEDORA-2013-12424

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02707EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/07/16 12:0 a.m.17 views

Fedora Update for gallery3 FEDORA-2013-12441

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02707EPSS
Exploits1References2
Rows per page
Query Builder