Menalto

menalto

23 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Gallery Publish Xp Module

gallery_publish_xp_module

Gallery Webcam Module

gallery_webcam_module

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-6687 1Menalto 1Gallery Apr 23, 2026 Jan 17, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery before 2.2.4 allow remote attackers to inject arbitrary web script or HTML via crafted filenames to the (1) Core or (2) add-item modules; or via (3)...Show more Multiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery before 2.2.4 allow remote attackers to inject arbitrary web script or HTML via crafted filenames to the (1) Core or (2) add-item modules; or via (3) HTTP PROPPATCH in the WebDAV module.Show less
CVE-2007-6686 1Menalto 1Gallery Apr 23, 2026 Jan 17, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller.
CVE-2007-6685 1Menalto 1Gallery Publish Xp Module Apr 23, 2026 Jan 17, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors.