PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain the real e-mail addresses of other users by editing the user's profile.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2008-08-04 19:41
Updated : 2024-02-04 17:33
NVD link : CVE-2008-3451
Mitre link : CVE-2008-3451
CVE.ORG link : CVE-2008-3451
JSON object : View
Products Affected
phpwebgallery
- phpwebgallery
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor