CVE-2007-6686 : The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via

The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller.

Published 2008-01-17 02:00:00

Updated 2008-11-15 07:06:09

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2007-6686

Probability of exploitation activity in the next 30 days: 0.38%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-6686

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2007-6686

http://gallery.menalto.com/gallery_2.2.4_released

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-200802-04.xml

CVEs referencing this url
http://bugs.gentoo.org/show_bug.cgi?id=203217

CVEs referencing this url

Products affected by CVE-2007-6686

Menalto » Gallery
Versions up to, including, (<=) 2.2.3
cpe:2.3:a:menalto:gallery:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2007-6686

Exploit prediction scoring system (EPSS) score for CVE-2007-6686

CVSS scores for CVE-2007-6686

References for CVE-2007-6686

Products affected by CVE-2007-6686