Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery gallery 1.4.4 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2004-1466
The set_time_limit function in Gallery prior to 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote malicious users to upload and execute execute arbitrary scripts before they are dele...
Gallery Project Gallery 1.4.4
1 EDB exploit
1000
VMScore
CVE-2007-2715
Admin/users.php in Snaps! Gallery 1.4.4 allows remote malicious users to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.
Snaps Gallery Snaps Gallery 1.4.4
1 EDB exploit
605
VMScore
CVE-2008-5296
Gallery 1.5.x prior to 1.5.10 and 1.6 prior to 1.6-RC3, when register_globals is enabled, allows remote malicious users to bypass authentication and gain administrative via unspecified cookies. NOTE: some of these details are obtained from third party information.
Gallery Gallery
Gallery Gallery 1.4.1
Gallery Gallery 1.4.4
Gallery Gallery 1.3.2
Gallery Gallery 1.3.3
Gallery Gallery 1.5.2
Gallery Gallery 1.5.7
Gallery Gallery 1.2.1
Gallery Gallery 1.3.1
Gallery Gallery 1.5.1
Gallery Gallery 1.3.4
Gallery Gallery 1.4
668
VMScore
CVE-2006-2976
Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery prior to 1.4.7 has unknown impact and remote attack vectors, possibly related to authorization/authentication errors.
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.4.5
Coppermine Coppermine Photo Gallery 1.4.2
Coppermine Coppermine Photo Gallery 1.4.3
Coppermine Coppermine Photo Gallery 1.4.6
Coppermine Coppermine Photo Gallery 1.4 Beta
660
VMScore
CVE-2014-5460
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin prior to 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-ga...
Tribulant Tibulant Slideshow Gallery 1.4.4
Tribulant Tibulant Slideshow Gallery 1.4.5
Tribulant Tibulant Slideshow Gallery
Tribulant Tibulant Slideshow Gallery 1.4.2
Tribulant Tibulant Slideshow Gallery 1.4.3
Tribulant Tibulant Slideshow Gallery 1.4
Tribulant Tibulant Slideshow Gallery 1.4.1
2 EDB exploits
655
VMScore
CVE-2007-4976
Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and previous versions allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter.
Coppermine Coppermine Photo Gallery 1.4.10
Coppermine Coppermine Photo Gallery 1.4.11
Coppermine Coppermine Photo Gallery 1.4.12
Coppermine Coppermine Photo Gallery 1.4.2
Coppermine Coppermine Photo Gallery 1.4
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.4.9
1 EDB exploit
355
VMScore
CVE-2007-4977
Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the referer parameter.
Coppermine Coppermine Photo Gallery 1.4.10
Coppermine Coppermine Photo Gallery 1.4.11
Coppermine Coppermine Photo Gallery 1.4.12
Coppermine Coppermine Photo Gallery 1.4.2
Coppermine Coppermine Photo Gallery 1.4
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.4.9
1 EDB exploit
505
VMScore
CVE-2006-1909
Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote malicious users to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences...
Coppermine Coppermine Photo Gallery 1.4.4
1 EDB exploit
668
VMScore
CVE-2006-2514
Coppermine galleries prior to 1.4.6, when running on Apache with mod_mime installed, allows remote malicious users to upload arbitrary files via a filename with multiple file extensions.
Coppermine Coppermine Photo Gallery 1.1.0
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Coppermine Coppermine Photo Gallery 1.4.2
Coppermine Coppermine Photo Gallery 1.4.3
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.4 Beta
Coppermine Coppermine Photo Gallery 1.0 Rc3
Coppermine Coppermine Photo Gallery 1.3.2
Coppermine Coppermine Photo Gallery 1.3.3
Coppermine Coppermine Photo Gallery 1.2.2 B
Coppermine Coppermine Photo Gallery 1.3
Coppermine Coppermine Photo Gallery
655
VMScore
CVE-2007-0122
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and previous versions allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start pa...
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Coppermine Coppermine Photo Gallery 1.0
Coppermine Coppermine Photo Gallery 1.2.2 B-nuke
Coppermine Coppermine Photo Gallery 1.3
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.2.2 B
Coppermine Coppermine Photo Gallery 1.4.9
Coppermine Coppermine Photo Gallery
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.3.4
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.0 Rc3
Coppermine Coppermine Photo Gallery 1.1
Coppermine Coppermine Photo Gallery 1.3.2
Coppermine Coppermine Photo Gallery 1.3.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »