Access Restriction Bypass Vulnerability in Gallery 3 before 3.0.9

Access Restriction Bypass Vulnerability in Gallery 3 before 3.0.9

CVE-2013-2241 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in the size parameter.

Learn more about our Web Application Penetration Testing UK.