Unrated severityNVD Advisory· Published Jan 17, 2008· Updated Apr 23, 2026

CVE-2007-6689

Description

Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module.

Affected products

Menalto/Gallery
cpe:2.3:a:menalto:gallery:*:*:*:*:*:*:*:*
Range: <=2.2.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

gallery.menalto.com/gallery_2.2.4_releasednvdPatch
bugs.gentoo.org/show_bug.cginvd
osvdb.org/41669nvd
secunia.com/advisories/28898nvd
security.gentoo.org/glsa/glsa-200802-04.xmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000