Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo gallery vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2007-0115
Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via the Username to login.php, which is injected into an error message in security.log.php, which can then be acce...
Coppermine Coppermine Photo Gallery
6.5
CVSSv2
CVE-2007-0835
admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to execute arbitrary shell commands via shell metacharacters (";" semicolon) in the "Command line options for ImageMagick" form field, when used as an option ...
Coppermine Coppermine Photo Gallery
7.5
CVSSv2
CVE-2008-6348
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id parameter to gallery_category.php, (2) photo_id parameter to gallery_photo.php, and the (3) user_name and (4) user_pass para...
Developiteasy Photo Gallery 1.2
1 EDB exploit
NA
CVE-2023-41658
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Photo Gallery Slideshow & Masonry Tiled Gallery plugin <= 1.0.13 versions.
I13websolution Web Solution Photo Gallery Slideshow \\& Masonry Tiled Gallery
NA
CVE-2022-47588
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tips and Tricks HQ, Peter Petreski Simple Photo Gallery simple-photo-gallery allows SQL Injection.This issue affects Simple Photo Gallery: from n/a through v1.8.1.
Tipsandtricks-hq Simple Photo Gallery
NA
CVE-2022-2224
The WordPress plugin Gallery for Social Photo is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.0.27 due to failure to properly check for the existence of a nonce in the function gifeed_duplicate_feed. This make it possible for unauthenticated malic...
Ghozylab Gallery For Social Photo
7.5
CVSSv2
CVE-2005-3986
Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id parameter in portfolio.php and (2) cid parameter in content.php.
Verosky Media Instant Photo Gallery
2 EDB exploits
7.5
CVSSv2
CVE-2005-1225
SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote malicious users to execute arbitrary SQL commands via the favs parameter to (1) init.inc.php or (2) zipdownload.php.
Coppermine Coppermine Photo Gallery 1.3.2
5
CVSSv2
CVE-2002-1411
Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote malicious users to read arbitrary files via .. (dot dot) sequences in the id parameter.
Duma Photo Gallery System 0.99.4
2.6
CVSSv2
CVE-2006-6123
Coppermine Photo Gallery (CPG) 1.4.8 stable, with register_globals enabled, allows remote malicious users to bypass XSS protection and set arbitrary variables via a query string that causes the variable to be defined in global space, with separate _GET, _REQUEST, or other critica...
Coppermine Coppermine Photo Gallery 1.4.8 Stable
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »