ReportizFlow
Filtered by vendor Menalto
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4353 | 1 Menalto | 1 Gallery | 2025-04-11 | N/A |
| Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | ||||
| CVE-2013-2138 | 1 Menalto | 1 Gallery | 2025-04-11 | N/A |
| The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack. | ||||
| CVE-2013-2240 | 1 Menalto | 1 Gallery | 2025-04-11 | N/A |
| lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote attackers to have an unspecified impact via a replay attack, a different vulnerability than CVE-2013-2138. | ||||