PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain the real e-mail addresses of other users by editing the user's profile.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugs.phpwebgallery.net/view.php?id=769 - | |
References | () http://forum.phpwebgallery.net/viewtopic.php?id=13545 - | |
References | () http://secunia.com/advisories/31232 - Vendor Advisory | |
References | () http://www.openwall.com/lists/oss-security/2008/08/01/3 - | |
References | () http://www.securityfocus.com/bid/30431 - Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/44101 - |
Information
Published : 2008-08-04 19:41
Updated : 2024-11-21 00:49
NVD link : CVE-2008-3451
Mitre link : CVE-2008-3451
CVE.ORG link : CVE-2008-3451
JSON object : View
Products Affected
phpwebgallery
- phpwebgallery
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor