CVE-2013-2241

Published October 10th, 2013

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in the size parameter.

gallery/gallery3

The simplest, most intuitive way to host your photos on your website.

GitHub

417