Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gallery | Menalto | 2.2.1 | 2.2.1 |
Gallery | Menalto | 1.6 | 1.6 |
Gallery | Menalto | 2.2.3 | 2.2.3 |
Gallery | Menalto | * | 2.2.6 |
Gallery | Menalto | 1.5.7 | 1.5.7 |
Gallery | Menalto | 2.2.4 | 2.2.4 |
Gallery | Menalto | 2.1.1 | 2.1.1 |
Gallery | Menalto | 2.1.2 | 2.1.2 |
Gallery | Menalto | 2.1 | 2.1 |
Gallery | Menalto | 1.6 | 1.6 |
Gallery | Menalto | 2.2.0 | 2.2.0 |
Gallery | Menalto | 2.2.2 | 2.2.2 |