VYPR
Unrated severityNVD Advisory· Published Dec 1, 2008· Updated Jun 16, 2026

CVE-2008-5296

CVE-2008-5296

Description

Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative via unspecified cookies. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15
  • cpe:2.3:a:gallery:gallery:*:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:gallery:gallery:*:*:*:*:*:*:*:*range: <=1.5.9
    • cpe:2.3:a:gallery:gallery:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.3.4:pl1:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.4.4:pl2:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.5.1:rc2:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:1.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gallery:gallery:*:rc2:*:*:*:*:*:*range: <=1.6
    • (no CPE)range: <1.5.10, <1.6-RC3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.