Vulnerabilities > CVE-2005-0222 - Denial-Of-Service vulnerability in Gallery Project Gallery 2.0Alpha
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
main.php in Gallery 2.0 Alpha allows remote attackers to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | FreeBSD Local Security Checks |
| NASL id | FREEBSD_PKG_5752A0DF60C54876A872F12F9A02FA05.NASL |
| description | Gallery includes several cross-site scripting vulnerabilities that could allow malicious content to be injected. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 18940 |
| published | 2005-07-13 |
| reporter | This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/18940 |
| title | FreeBSD : gallery -- XSS (5752a0df-60c5-4876-a872-f12f9a02fa05) |
References
- http://archives.neohapsis.com/archives/vulnwatch/2005-q1/0031.html
- http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=147
- http://marc.info/?l=bugtraq&m=110608459222364&w=2
- http://theinsider.deep-ice.com/texts/advisory69.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18940