lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote attackers to have an unspecified impact via a replay attack, a different vulnerability than CVE-2013-2138.
AV:N/AC:L/Au:N/C:P/I:P/A:PMenalto Gallery
APPMenalto3.03.0.13.0.23.0.33.0.43.0.53.0.63.0.73.0.8
Related vulnerabilities
The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query paramete...
Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code v...
Gallery 2 before 2.3.2 and 3 before 3.0.3 does not properly implement encryption, which has unspecified impact...
Menalto Gallery before 2.2.5 allows remote attackers to bypass permissions for sub-albums via a ZIP archive.
Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact a...