Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-4023
Unspecified vulnerability in the zipcart module in Gallery 2.0 prior to 2.0.2 allows remote malicious users to read arbitrary files via unknown vectors.
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Rc2
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Rc1
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha3
5
CVSSv2
CVE-2004-2124
The register_globals simulation capability in Gallery 1.3.1 up to and including 1.4.1 allows remote malicious users to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412...
Gallery Project Gallery 1.3.1
Gallery Project Gallery 1.3.2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.3.3
Gallery Project Gallery 1.4
1 EDB exploit
6.4
CVSSv2
CVE-2005-3251
Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote malicious users to read or include arbitrary files via ".." sequences in the g2_itemId parameter.
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha3
6.8
CVSSv2
CVE-2004-1106
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and previous versions allows remote malicious users to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4
Gentoo Linux
10
CVSSv2
CVE-2004-0522
Gallery 1.4.3 and previous versions allows remote malicious users to bypass authentication and obtain Gallery administrator privileges.
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4
Debian Debian Linux 3.0
7.5
CVSSv2
CVE-2001-1234
Bharat Mediratta Gallery PHP script prior to 1.2.1 allows remote malicious users to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable.
Gallery Project Gallery 1.1
Gallery Project Gallery 1.2.1
Gallery Project Gallery 1.2
7.5
CVSSv2
CVE-2003-1227
PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote malicious users to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002...
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4
1 EDB exploit
7.5
CVSSv2
CVE-2002-1412
Gallery photo album package prior to 1.3.1 allows local and possibly remote malicious users to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.
Gallery Project Gallery
1 EDB exploit
7.5
CVSSv2
CVE-2012-6653
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin prior to 1.2.0 for WordPress has unspecified impact and attack vectors.
All Video Gallery Plugin Project All Video Gallery Plugin 1.0.0
All Video Gallery Plugin Project All Video Gallery Plugin
1 EDB exploit
7.5
CVSSv2
CVE-2002-2123
PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote malicious users to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter.
Gallery Project Gallery 1.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »