Access Restriction Bypass Vulnerability in Gallery 3 before 3.0.9
CVE-2013-2241 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in the size parameter.
Learn more about our Web Application Penetration Testing UK.