NextGEN Gallery <= 2.0.77 - CSRF & Arbitrary File UploadSign up to our free email alerts service for instant vulnerability notifications!
There are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the application validates user uploaded files and lack of security measures preventing unwanted HTTP requests.
fixed in version 18.104.22.168
|Publicly Published||2015-03-25 (almost 3 years ago)|
|Added||2015-03-25 (almost 3 years ago)|
|Last Updated||2015-05-15 (almost 3 years ago)|
Copyright & License
|Copyright||All data and resources contained within this page and this web site is Copyright © The WPScan Team.|
|License||Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.|