CVE-2015-3634 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
slideshow_project	slideshow	2.2.8
slideshow_project	slideshow	2.2.9
slideshow_project	slideshow	2.2.10
slideshow_project	slideshow	2.2.11
slideshow_project	slideshow	2.2.12
slideshow_project	slideshow	2.2.13
slideshow_project	slideshow	2.2.14
slideshow_project	slideshow	2.2.15
slideshow_project	slideshow	2.2.16
slideshow_project	slideshow	2.2.17
slideshow_project	slideshow	2.2.18
slideshow_project	slideshow	2.2.19
slideshow_project	slideshow	2.2.20
slideshow_project	slideshow	2.2.21

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://www.openwall.com/lists/oss-security/2015/05/02/12

http://www.securityfocus.com/bid/74453

https://github.com/Boonstra/Slideshow/commit/cac505e593cbe70a4d8af5b639f5385d4cc7aa04

https://wordpress.org/plugins/slideshow-jquery-image-gallery/#developers

http://www.openwall.com/lists/oss-security/2015/05/02/12

http://www.securityfocus.com/bid/74453

https://github.com/Boonstra/Slideshow/commit/cac505e593cbe70a4d8af5b639f5385d4cc7aa04

https://wordpress.org/plugins/slideshow-jquery-image-gallery/#developers