Gallery Security Vulnerabilities and Issues — Gallery CVE List

Lucene search

MenaltoGallery

4 matches found

CVE•added 2013/10/10 12:55 a.m.•40 views

CVE-2013-2241

modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in the size parameter.

5CVSS6.2AI score0.00379EPSS

CVE•added 2008/06/16 11:41 p.m.•38 views

CVE-2008-2721

Unspecified vulnerability in the album-select module in Menalto Gallery before 2.2.5 allows remote attackers to obtain titles of hidden albums by attempting to add a new album to a hidden album.

5CVSS6.2AI score0.00516EPSS

CVE•added 2008/06/16 11:41 p.m.•30 views

CVE-2008-2723

embed.php in Menalto Gallery before 2.2.5 allows remote attackers to obtain the full path via unknown vectors related to "spoofing the remote address."

5CVSS6.2AI score0.00516EPSS

CVE•added 2008/06/16 11:41 p.m.•30 views

CVE-2008-2724

Menalto Gallery before 2.2.5 does not enforce permissions for non-album items that have been protected by a password, which might allow remote attackers to bypass intended access restrictions.

5CVSS6.6AI score0.00287EPSS