Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery gallery 1.4.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-2124
The register_globals simulation capability in Gallery 1.3.1 up to and including 1.4.1 allows remote malicious users to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412...
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.3.1
Gallery Project Gallery 1.3.2
Gallery Project Gallery 1.3.3
Gallery Project Gallery 1.4
1 EDB exploit
6.8
CVSSv2
CVE-2008-5296
Gallery 1.5.x prior to 1.5.10 and 1.6 prior to 1.6-RC3, when register_globals is enabled, allows remote malicious users to bypass authentication and gain administrative via unspecified cookies. NOTE: some of these details are obtained from third party information.
Gallery Gallery
Gallery Gallery 1.4.1
Gallery Gallery 1.4.4
Gallery Gallery 1.3.2
Gallery Gallery 1.3.3
Gallery Gallery 1.5.2
Gallery Gallery 1.5.7
Gallery Gallery 1.2.1
Gallery Gallery 1.3.1
Gallery Gallery 1.5.1
Gallery Gallery 1.3.4
Gallery Gallery 1.4
6.8
CVSSv2
CVE-2004-1106
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and previous versions allows remote malicious users to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4
Gentoo Linux
10
CVSSv2
CVE-2004-0522
Gallery 1.4.3 and previous versions allows remote malicious users to bypass authentication and obtain Gallery administrator privileges.
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.3 Pl1
Debian Debian Linux 3.0
4.3
CVSSv2
CVE-2005-2603
Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote malicious users to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters.
My Image Gallery My Image Gallery 1.4.1
1 EDB exploit
5
CVSSv2
CVE-2005-2604
index.php for My Image Gallery (Mig ) 1.4.1 allows remote malicious users to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message.
My Image Gallery My Image Gallery 1.4.1
5
CVSSv2
CVE-2006-4030
Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and previous versions allows remote malicious users to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs."
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.5
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4.4 Pl4
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.5 Pl1
Gallery Project Gallery
4.3
CVSSv2
CVE-2005-2734
Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.5
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.5.1 Rc2
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.4.4 Pl4
4.3
CVSSv2
CVE-2006-0330
Cross-site scripting (XSS) vulnerability in Gallery prior to 1.5.2 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname).
Gallery Project Gallery 1.3.4
Gallery Project Gallery 1.4.4 Pl4
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.5.1 Rc2
Gallery Project Gallery 1.5.2 Rc2
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.5
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4 Pl2
6.5
CVSSv2
CVE-2006-0587
Unspecified vulnerability in util.php in Gallery prior to 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.5
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.5.1 Rc2
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4.4 Pl4
Gallery Project Gallery 1.5.2 Rc2
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.3.4
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »