image gallery management system vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv2

Multiple SQL injection vulnerabilities in 4images 1.7.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the sessionid parameter in (1) top.php and (2) member.php. NOTE: this issue has also been reported to affect 1.7.2.

4images Image Gallery Management System 1.7.1 4images Image Gallery Management System

2 EDB exploits

7.5

CVSSv2

Directory traversal vulnerability in index.php in 4Images 1.7.1 and previous versions allows remote malicious users to read and include arbitrary files via ".." (dot dot) sequences in the template parameter.

4images Image Gallery Management System

1 EDB exploit

NA

In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image" functionality of "imageid" parameter is vulnerable to SQL Injection.

Phpgurukul Art Gallery Management System 1.1

3.5

CVSSv2

SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored X...

Alumni Management System Project Alumni Management System 1.0

3.5

CVSSv2

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This vulnerability can result in an malicious user to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be a...

4homepages 4images 1.7.11

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook