Vulnerabilities > Crux Software > Gallery > 1.30
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-08 | CVE-2008-4484 | Permissions, Privileges, and Access Controls vulnerability in Crux Software Gallery main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php. | 6.8 |
2008-10-08 | CVE-2008-4483 | Path Traversal vulnerability in Crux Software Gallery Directory traversal vulnerability in index.php in Crux Gallery 1.32 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |