CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0CVE-2005-4021
https://notcve.org/view.php?id=CVE-2005-4021
The installer for Gallery 2.0 before 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. • http://www.securityfocus.com/archive/1/418200/100/0/threaded http://www.securityfocus.com/bid/15614 http://www.vupen.com/english/advisories/2005/2681 •
CVSS: 6.4EPSS: 1%CPEs: 8EXPL: 1CVE-2005-3251
https://notcve.org/view.php?id=CVE-2005-3251
Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via ".." sequences in the g2_itemId parameter. • http://dipper.info/security/20051012 http://gallery.menalto.com/gallery_2.0.1_released http://secunia.com/advisories/17205 http://securityreason.com/securityalert/88 http://www.vuxml.org/freebsd/47bdabcf-3cf9-11da-baa2-0004614cc33d.html •