Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
menalto gallery vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-2722
Menalto Gallery prior to 2.2.5 allows remote malicious users to bypass permissions for sub-albums via a ZIP archive.
Menalto Gallery 2.2.1
Menalto Gallery 2.2.2
Menalto Gallery 2.2.3
Menalto Gallery
Menalto Gallery 2.1
Menalto Gallery 2.1.1
Menalto Gallery 2.1.2
Menalto Gallery 2.2.0
7.5
CVSSv2
CVE-2007-6689
Menalto Gallery prior to 2.2.4 does not properly check for malicious file extensions during file uploads, which allows malicious users to execute arbitrary code via the (1) Core application or (2) MIME module.
Menalto Gallery
6.8
CVSSv2
CVE-2008-3600
Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter within a modload action.
Menalto Gallery 1.5.7
Menalto Gallery 1.6
6.4
CVSSv2
CVE-2007-6692
Open redirect vulnerability in Menalto Gallery prior to 2.2.4 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules.
Menalto Gallery
6
CVSSv2
CVE-2010-4353
Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery prior to 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct ...
Menalto Gallery 2.1.1
Menalto Gallery 1.6
Menalto Gallery 2.1.2
Menalto Gallery 1.5.7
Menalto Gallery
Menalto Gallery 2.2.2
Menalto Gallery 2.1
Menalto Gallery 2.2.4
Menalto Gallery 2.2.0
Menalto Gallery 2.2.3
Menalto Gallery 2.2.1
5
CVSSv2
CVE-2013-2241
modules/gallery/helpers/data_rest.php in Gallery 3 prior to 3.0.9 allows remote malicious users to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in the size parameter.
Menalto Gallery 3.0
Menalto Gallery 3.0.2
Menalto Gallery 3.0.3
Menalto Gallery 3.0.4
Menalto Gallery 3.0.5
Menalto Gallery 3.0.1
Menalto Gallery 3.0.6
Menalto Gallery
Menalto Gallery 3.0.7
5
CVSSv2
CVE-2008-2721
Unspecified vulnerability in the album-select module in Menalto Gallery prior to 2.2.5 allows remote malicious users to obtain titles of hidden albums by attempting to add a new album to a hidden album.
Menalto Gallery 2.2.2
Menalto Gallery 2.2.3
Menalto Gallery
Menalto Gallery 2.1
Menalto Gallery 2.1.1
Menalto Gallery 2.1.2
Menalto Gallery 2.2.0
Menalto Gallery 2.2.1
5
CVSSv2
CVE-2008-2723
embed.php in Menalto Gallery prior to 2.2.5 allows remote malicious users to obtain the full path via unknown vectors related to "spoofing the remote address."
Menalto Gallery 2.2.0
Menalto Gallery 2.2.1
Menalto Gallery 2.2.2
Menalto Gallery 2.2.3
Menalto Gallery
Menalto Gallery 2.1
Menalto Gallery 2.1.1
Menalto Gallery 2.1.2
5
CVSSv2
CVE-2008-2724
Menalto Gallery prior to 2.2.5 does not enforce permissions for non-album items that have been protected by a password, which might allow remote malicious users to bypass intended access restrictions.
Menalto Gallery 2.2.0
Menalto Gallery 2.2.1
Menalto Gallery 2.2.2
Menalto Gallery 2.2.3
Menalto Gallery 2.1
Menalto Gallery 2.2.4
Menalto Gallery 2.1.1
Menalto Gallery 2.1.2
4.3
CVSSv2
CVE-2012-4342
Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 prior to 3.0.4 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Menalto Gallery
Menalto Gallery 3.0.1
Menalto Gallery 3.0.2
Menalto Gallery 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »