Gallery@3.0.5 Security Vulnerabilities and Issues — Gallery@3.0.5 CVE List

Lucene search

MenaltoGallery3.0.5

3 matches found

CVE•added 2013/10/10 12:55 a.m.•42 views

CVE-2013-2240

lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote attackers to have an unspecified impact via a replay attack, a different vulnerability than CVE-2013-2138.

7.5CVSS6.5AI score0.01207EPSS

CVE•added 2013/10/10 12:55 a.m.•40 views

CVE-2013-2241

modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in the size parameter.

5CVSS6.2AI score0.00379EPSS

CVE•added 2013/10/10 12:55 a.m.•39 views

CVE-2013-2138

The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack.

7.5CVSS6.5AI score0.01207EPSS