Gallery 2 before 2.3.2 and 3 before 3.0.3 does not properly implement encryption, which has unspecified impact and attack vectors, a different vulnerability than CVE-2012-1113.
oryginał ENCVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:CMaian Gallery
APPMaian2.32.3.13.03.0.13.0.2Menalto Gallery
APPMenalto2.2.6
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje
Powiązane podatności
CVE-2013-2138HIGH7.5ten sam produkt
The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query paramete...
CVE-2013-2240HIGH7.5ten sam produkt
lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote...
CVE-2012-4343HIGH7.5ten sam produkt
Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code v...
CVE-2008-2722HIGH7.5ten sam produkt
Menalto Gallery before 2.2.5 allows remote attackers to bypass permissions for sub-albums via a ZIP archive.
CVE-2007-6690HIGH10.0ten sam produkt
The Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR comman...