CVE-2008-2724
Published Jun 16, 2008
Last updated 7 years ago
Overview
- Description
- Menalto Gallery before 2.2.5 does not enforce permissions for non-album items that have been protected by a password, which might allow remote attackers to bypass intended access restrictions.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:menalto:gallery:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58BB4D3A-34F4-458B-9FB6-28D3B1156A53"
},
{
"criteria": "cpe:2.3:a:menalto:gallery:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CD9940F-71D9-4AA5-B4C8-C464E371B982"
},
{
"criteria": "cpe:2.3:a:menalto:gallery:2.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "91B47B68-3C6B-4B49-87E4-35489CCAC050"
},
{
"criteria": "cpe:2.3:a:menalto:gallery:2.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5373C47-DC8D-4DD9-B15E-707B79478928"
},
{
"criteria": "cpe:2.3:a:menalto:gallery:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B86E3F23-A7E4-4BF1-AF08-84091490A530"
},
{
"criteria": "cpe:2.3:a:menalto:gallery:2.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E64F4ECB-55CA-4B50-A23E-1C91217AD77F"
},
{
"criteria": "cpe:2.3:a:menalto:gallery:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9E6E813-512A-43DD-AD45-0888F625BD6C"
},
{
"criteria": "cpe:2.3:a:menalto:gallery:2.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78D73880-557C-40F6-8229-BE560321835E"
}
],
"operator": "OR"
}
]
}
]