Filtered by vendor Menalto
Subscribe
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6686 | 1 Menalto | 1 Gallery | 2023-12-10 | 10.0 HIGH | N/A |
The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller. | |||||
CVE-2007-6689 | 1 Menalto | 1 Gallery | 2023-12-10 | 7.5 HIGH | N/A |
Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module. | |||||
CVE-2007-6692 | 1 Menalto | 1 Gallery | 2023-12-10 | 6.4 MEDIUM | N/A |
Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules. |