Vulnerability Database

302,031

Total vulnerabilities in the database

CVE-2007-6689

Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module.

Published: Jan 17, 2008
Updated: Nov 9, 2025
CVE: CVE-2007-6689
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
menalto / gallery	-	2.2.3.x

http://bugs.gentoo.org/show_bug.cgi?id=203217
http://gallery.menalto.com/gallery_2.2.4_released
http://osvdb.org/41669
http://secunia.com/advisories/28898
http://security.gentoo.org/glsa/glsa-200802-04.xml

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo