embed.php in Menalto Gallery before 2.2.5 allows remote attackers to obtain the full path via unknown vectors related to "spoofing the remote address."
Max CVSS
5.0
EPSS Score
0.67%
Published
2008-06-16
Updated
2017-08-08
Unspecified vulnerability in the album-select module in Menalto Gallery before 2.2.5 allows remote attackers to obtain titles of hidden albums by attempting to add a new album to a hidden album.
Max CVSS
5.0
EPSS Score
0.60%
Published
2008-06-16
Updated
2017-08-08
Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "item information disclosure attacks" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules.
Max CVSS
10.0
EPSS Score
1.33%
Published
2008-01-17
Updated
2008-11-15
3 vulnerabilities found