CVE-2013-2241

Published: Oct 10, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in the size parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/gallery/gallery3/commit/cbbcf1b4791762d7da0ea7b6c4f4b551a4d9caed

x_refsource_CONFIRM

[oss-security] 20130704 Re: CVE Request -- gallery3 (3.0.9): Fixing two security flaws

mailing-list

x_refsource_MLIST

http://galleryproject.org/gallery_3_0_9

x_refsource_MISC

[oss-security] 20130705 Re: CVE Request -- gallery3 (3.0.9): Fixing two security flaws

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=981198

x_refsource_CONFIRM

http://sourceforge.net/apps/trac/gallery/ticket/2074

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-2241

Description

Affected Products

References