index.php in w00t Gallery 1.4.0 allows remote authenticated users with privileges for one installation to gain access to other installations on the same web server, aka multi-gallery admin session spanning. NOTE: some of these details are obtained from third party information.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| W00t_gallery | W00t_gallery | 1.4.0 (including) | 1.4.0 (including) |
References
- http://secunia.com/advisories/23383
- http://sourceforge.net/project/shownotes.php?release_id=471109
- http://www.securityfocus.com/bid/21590
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30886
- http://secunia.com/advisories/23383
- http://sourceforge.net/project/shownotes.php?release_id=471109
- http://www.securityfocus.com/bid/21590
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30886