Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo-gallery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-3538
A vulnerability classified as problematic was found in SimplePHPscripts Photo Gallery PHP 2.0. This vulnerability affects unknown code of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remo...
Simplephpscripts Photo Gallery Php 2.0
7.5
CVSSv2
CVE-2010-4948
PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Phpgalleryscript Php Free Photo Gallery
1 EDB exploit
7.5
CVSSv2
CVE-2006-4321
PHP remote file inclusion vulnerability in cpg.php in the Coppermine Photo Gallery component (com_cpg) 1.0 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Coppermine Coppermine Photo Gallery 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2021-24909
The ACF Photo Gallery Field WordPress plugin prior to 1.7.5 does not sanitise and escape the post parameter in the includes/acf_photo_gallery_metabox_edit.php file before outputing back in an attribute, leading to a Reflected Cross-Site Scripting issue
Navz Acf Photo Gallery Field
7.5
CVSSv2
CVE-2007-4283
PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Coppermine Photo Gallery (CPG) 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the sourcedir parameter.
Coppermine Coppermine Photo Gallery 1.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-3064
SQL injection vulnerability in the add_hit function in include/function.inc.php in Coppermine Photo Gallery (CPG) 1.4.8, when "Keep detailed hit statistics" is enabled, allows remote malicious users to execute arbitrary SQL commands via the (1) referer and (2) user-agen...
Coppermine Coppermine Photo Gallery 1.4.8
7.5
CVSSv2
CVE-2006-3688
SQL injection vulnerability in Room.php in Francisco Charrua Photo-Gallery 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Francisco Charrua Photo-gallery 1.0
NA
CVE-2023-3957
The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient restriction on the 'apg_profile_update' function in versions up to, and including, 1.9. This makes it possible for authenticated attackers, with su...
Navz Acf Photo Gallery Field
4.3
CVSSv2
CVE-2009-1616
Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) prior to 1.4.22 allows remote malicious users to inject arbitrary web script or HTML via the css parameter, a different vector than CVE-2008-0505.
Coppermine Coppermine Photo Gallery 1.4.22
1 EDB exploit
7.5
CVSSv2
CVE-2005-1225
SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote malicious users to execute arbitrary SQL commands via the favs parameter to (1) init.inc.php or (2) zipdownload.php.
Coppermine Coppermine Photo Gallery 1.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »