Page 5 of 60 results (0.011 seconds)

CVSS: 6.8EPSS: 6%CPEs: 7EXPL: 1

main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php. main.php en Crux Gallery 1.32 y versiones anteriores, supone que el usuario es un administrador, si el nombre del parámetro no es "users", el cual permite a los atacantes remotos obtener acceso como administrador, estableciendo el nombre del parámetro a "users", como se demuestra a través de index.php. • https://www.exploit-db.com/exploits/6586 http://secunia.com/advisories/32058 http://securityreason.com/securityalert/4365 http://www.attrition.org/pipermail/vim/2008-October/002083.html http://www.securityfocus.com/archive/1/496763/100/0/threaded http://www.securityfocus.com/bid/31430 https://exchange.xforce.ibmcloud.com/vulnerabilities/45443 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 0

Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality. Gallery, versiones anteriores a 1.5.9, y 2.x y versiones anteriores a 2.2.6, no trata adecuadamente archivos ZIP que contienen enlaces simbólicos, el cual permite a los usuarios remotos autentificados manejar los ataques de salto de directorio y leer archivos arbitrariamente a través de vectores relativos a el fichero cargado funcionalmente (alias zip cargado). • http://gallery.menalto.com/gallery_1.5.9_released http://gallery.menalto.com/gallery_2.2.6_released http://secunia.com/advisories/31912 http://secunia.com/advisories/32662 http://secunia.com/advisories/33144 http://security.gentoo.org/glsa/glsa-200811-02.xml http://www.securityfocus.com/bid/31231 https://exchange.xforce.ibmcloud.com/vulnerabilities/45228 https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html https://www.redhat.com/archives/fedora-package& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page." Vulnerabilidad de secuencias de comandos en sitios cruzados - XSS en Gallery 2.x y versiones anteriores a 2.2.6 que permite a los atacantes remotos inyectar una secuencia de comandos web o HTML arbitrarios a través de una animación Flash manitulada, en relación a la habilidad de la animación a "interactuar con la página incrustada" • http://gallery.menalto.com/gallery_2.2.6_released http://secunia.com/advisories/31858 http://secunia.com/advisories/32662 http://secunia.com/advisories/33144 http://security.gentoo.org/glsa/glsa-200811-02.xml http://www.securityfocus.com/bid/31231 https://exchange.xforce.ibmcloud.com/vulnerabilities/45227 https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0

Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. Gallery, versiones anteriores a 1.5.9, 2.x y versiones anteriores a 2.2.6 no asigna el indicador seguro para la cookie de sesión en una sesión https, el cual puede causar que la cookie sea enviada en una petición http y hacer más fácil a los atacantes remotos capturar esta cookie. • http://gallery.menalto.com/gallery_1.5.9_released http://gallery.menalto.com/gallery_2.2.6_released http://int21.de/cve/CVE-2008-3662-gallery.html http://seclists.org/fulldisclosure/2008/Sep/0379.html http://secunia.com/advisories/32662 http://secunia.com/advisories/33144 http://security.gentoo.org/glsa/glsa-200811-02.xml http://www.securityfocus.com/archive/1/496509/100/0/threaded http://www.securityfocus.com/bid/31231 https://www.redhat.com/archives/fedora-package&# • CWE-310: Cryptographic Issues •

CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 1

Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter within a modload action. Vulnerabilidad de salto de directorio en contrib/phpBB2/modules.php de Gallery 1.5.7 y 1.6-alpha3, cuando register_globals está activo, permite a atacantes remotos incluir y ejecutar ficheros locales a través de .. (punto punto) en el parámetro phpEx dentro de una acción modload. • http://gallery.menalto.com/gallery_1.5.8_released http://secunia.com/advisories/32662 http://security.gentoo.org/glsa/glsa-200811-02.xml http://securityreason.com/securityalert/4142 http://www.securityfocus.com/archive/1/495284/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/44373 https://www.exploit-db.com/exploits/6222 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •