CVE Vulnerabilities

CVE-2013-2241

Published: Oct 10, 2013 | Modified: Oct 10, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the full string in the size parameter.

Affected Software

Name Vendor Start Version End Version
Gallery Menalto * 3.0.8 (including)
Gallery Menalto 3.0 (including) 3.0 (including)
Gallery Menalto 3.0-beta1 (including) 3.0-beta1 (including)
Gallery Menalto 3.0-beta2 (including) 3.0-beta2 (including)
Gallery Menalto 3.0-beta3 (including) 3.0-beta3 (including)
Gallery Menalto 3.0-rc1 (including) 3.0-rc1 (including)
Gallery Menalto 3.0-rc2 (including) 3.0-rc2 (including)
Gallery Menalto 3.0.1 (including) 3.0.1 (including)
Gallery Menalto 3.0.2 (including) 3.0.2 (including)
Gallery Menalto 3.0.3 (including) 3.0.3 (including)
Gallery Menalto 3.0.4 (including) 3.0.4 (including)
Gallery Menalto 3.0.5 (including) 3.0.5 (including)
Gallery Menalto 3.0.6 (including) 3.0.6 (including)
Gallery Menalto 3.0.7 (including) 3.0.7 (including)

References