MidnightBSD

Advisories for pixaria

CVE-2007-2457 HIGH

PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery before 1.4.3 allows remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
pixaria pixaria_gallery 1.2.1
pixaria pixaria_gallery 1.0.2
pixaria pixaria_gallery 1.1.6
pixaria pixaria_gallery 1.1.4
pixaria pixaria_gallery 1.0.1
pixaria pixaria_gallery 1.3.2
pixaria pixaria_gallery 1.1.2
pixaria pixaria_gallery 1.3.3
pixaria pixaria_gallery 1.3
pixaria pixaria_gallery 1.4.1
pixaria pixaria_gallery 1.3.1
pixaria pixaria_gallery 1.0.3
pixaria pixaria_gallery 1.1.5
pixaria pixaria_gallery 1.2
pixaria pixaria_gallery 1.1.3
pixaria pixaria_gallery 1.1.1
pixaria pixaria_gallery 1.4.2
pixaria pixaria_gallery 1.0.5
pixaria pixaria_gallery 1.4
pixaria pixaria_gallery 1.0.4
pixaria pixaria_gallery 1.1
CVE-2007-2458 HIGH

Multiple PHP remote file inclusion vulnerabilities in Pixaria Gallery before 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter to psg.smarty.lib.php and certain include and library scripts, a different vector than CVE-2007-2457.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
pixaria pixaria_gallery 1.2.1
pixaria pixaria_gallery 1.0.2
pixaria pixaria_gallery 1.1.6
pixaria pixaria_gallery 1.1.4
pixaria pixaria_gallery 1.0.1
pixaria pixaria_gallery 1.3.2
pixaria pixaria_gallery 1.1.2
pixaria pixaria_gallery 1.3.3
pixaria pixaria_gallery 1.3
pixaria pixaria_gallery 1.4.1
pixaria pixaria_gallery 1.3.1
pixaria pixaria_gallery 1.0.3
pixaria pixaria_gallery 1.1.5
pixaria pixaria_gallery 1.2
pixaria pixaria_gallery 1.1.3
pixaria pixaria_gallery 1.1.1
pixaria pixaria_gallery 1.4.2
pixaria pixaria_gallery 1.0.5
pixaria pixaria_gallery 1.4
pixaria pixaria_gallery 1.0.4
pixaria pixaria_gallery 1.1
CVE-2009-2922 HIGH

Absolute path traversal vulnerability in pixaria.image.php in Pixaria Gallery 2.0.0 through 2.3.5 allows remote attackers to read arbitrary files via a base64-encoded file parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
pixaria pixaria_gallery 2.0.0
pixaria pixaria_gallery 2.3.5