Filtered by vendor Menalto
Subscriptions
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-1113 | 2 Maian, Menalto | 2 Gallery, Gallery | 2024-08-06 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2013-2241 | 1 Menalto | 1 Gallery | 2024-08-06 | N/A |
modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in the size parameter. | ||||
CVE-2013-2240 | 1 Menalto | 1 Gallery | 2024-08-06 | N/A |
lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote attackers to have an unspecified impact via a replay attack, a different vulnerability than CVE-2013-2138. |