CVE-2008-2724

Menalto Gallery before 2.2.5 does not enforce permissions for non-album items that have been protected by a password, which might allow remote attackers to bypass intended access restrictions.
Configurations

Configuration 1

cpe:2.3:a:menalto:gallery:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:menalto:gallery:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:menalto:gallery:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:menalto:gallery:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:menalto:gallery:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:menalto:gallery:2.1:*:*:*:*:*:*:*
cpe:2.3:a:menalto:gallery:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:menalto:gallery:2.2.2:*:*:*:*:*:*:*

Information

Published : 2008-06-16 11:41

Updated : 2017-08-08 01:31


NVD link : CVE-2008-2724

Mitre link : CVE-2008-2724

Products Affected
No products.
CWE