Malbum : Security vulnerabilities, CVEs

Copy

CVE-2007-1045

mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrative account and (2) "dqsfg"/"sdfg", which allows remote attackers to gain privileges.

Max CVSS

10.0

EPSS Score

2.59%

Published

2007-02-21

Updated

2018-10-16

CVE-2006-6069

index.php in mAlbum 0.3 and earlier allows remote attackers to obtain the installation path via an invalid gal parameter.

Max CVSS

5.0

EPSS Score

0.43%

Published

2006-11-22

Updated

2018-10-17

CVE-2006-6068

Directory traversal vulnerability in the cached_album function in functions.php for mAlbum 0.3 and earlier allows remote attackers to list filenames of arbitrary images via a .. (dot dot) in the gal parameter to index.php.

Max CVSS

2.6

EPSS Score

0.68%

Published

2006-11-22

Updated

2018-10-17

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!