CVE-2007-6685
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors.
Vulnerabilidad no especificada en el módulo Publish XP para Menalto Gallery anterior a 2.2.4 permite a atacantes remotos crear álbumes y subir ficheros mediante vectores desconocidos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-01-16 CVE Reserved
- 2008-01-17 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://bugs.gentoo.org/show_bug.cgi?id=203217 | X_refsource_confirm | |
| http://osvdb.org/41675 | Vdb Entry | |
| http://secunia.com/advisories/28898 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://gallery.menalto.com/gallery_2.2.4_released | 2008-11-15 |
| URL | Date | SRC |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-200802-04.xml | 2008-11-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Menalto Search vendor "Menalto" | Gallery Publish Xp Module Search vendor "Menalto" for product "Gallery Publish Xp Module" | <= 2.2.3 Search vendor "Menalto" for product "Gallery Publish Xp Module" and version " <= 2.2.3" | - |
Affected
| ||||||