CVE-2007-6689

N/A Unknown
Published: January 17, 2008 Modified: April 23, 2026
View on NVD

Description

Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=203217
Source: cve@mitre.org
http://gallery.menalto.com/gallery_2.2.4_released
Source: cve@mitre.org
Patch
http://osvdb.org/41669
Source: cve@mitre.org
http://secunia.com/advisories/28898
Source: cve@mitre.org
http://security.gentoo.org/glsa/glsa-200802-04.xml
Source: cve@mitre.org
http://bugs.gentoo.org/show_bug.cgi?id=203217
Source: af854a3a-2127-422b-91ae-364da2661108
http://gallery.menalto.com/gallery_2.2.4_released
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://osvdb.org/41669
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/28898
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200802-04.xml
Source: af854a3a-2127-422b-91ae-364da2661108

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
2.0%
78th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

menalto

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8