Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery gallery 1.4.1 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2004-2124
The register_globals simulation capability in Gallery 1.3.1 up to and including 1.4.1 allows remote malicious users to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412...
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.3.1
Gallery Project Gallery 1.3.2
Gallery Project Gallery 1.3.3
Gallery Project Gallery 1.4
1 EDB exploit
605
VMScore
CVE-2008-5296
Gallery 1.5.x prior to 1.5.10 and 1.6 prior to 1.6-RC3, when register_globals is enabled, allows remote malicious users to bypass authentication and gain administrative via unspecified cookies. NOTE: some of these details are obtained from third party information.
Gallery Gallery
Gallery Gallery 1.4.1
Gallery Gallery 1.4.4
Gallery Gallery 1.3.2
Gallery Gallery 1.3.3
Gallery Gallery 1.5.2
Gallery Gallery 1.5.7
Gallery Gallery 1.2.1
Gallery Gallery 1.3.1
Gallery Gallery 1.5.1
Gallery Gallery 1.3.4
Gallery Gallery 1.4
605
VMScore
CVE-2004-1106
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and previous versions allows remote malicious users to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4
Gentoo Linux
890
VMScore
CVE-2004-0522
Gallery 1.4.3 and previous versions allows remote malicious users to bypass authentication and obtain Gallery administrator privileges.
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.3 Pl1
Debian Debian Linux 3.0
435
VMScore
CVE-2005-2603
Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote malicious users to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters.
My Image Gallery My Image Gallery 1.4.1
1 EDB exploit
445
VMScore
CVE-2005-2604
index.php for My Image Gallery (Mig ) 1.4.1 allows remote malicious users to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message.
My Image Gallery My Image Gallery 1.4.1
445
VMScore
CVE-2006-4030
Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and previous versions allows remote malicious users to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs."
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.5
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4.4 Pl4
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.5 Pl1
Gallery Project Gallery
383
VMScore
CVE-2005-2734
Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.5
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.5.1 Rc2
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.4.4 Pl4
383
VMScore
CVE-2006-0330
Cross-site scripting (XSS) vulnerability in Gallery prior to 1.5.2 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname).
Gallery Project Gallery 1.3.4
Gallery Project Gallery 1.4.4 Pl4
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.5.1 Rc2
Gallery Project Gallery 1.5.2 Rc2
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.5
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4 Pl2
578
VMScore
CVE-2006-0587
Unspecified vulnerability in util.php in Gallery prior to 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.5
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.5.1 Rc2
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4.4 Pl4
Gallery Project Gallery 1.5.2 Rc2
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.3.4
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »