Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-0454
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and previous versions 3.5.x and 3.6.x versions, on Windows allows user-assisted remote malicious users to inject arbitrary web script or HTML in the Local Machine Zone via the Title field ...
Microsoft Internet Explorer
Skype Technologies Skype 3.5
Skype Technologies Skype 3.6
Skype Technologies Skype
9.3
CVSSv2
CVE-2007-1600
PHP remote file inclusion vulnerability in module.php in Digital Eye Gallery 1.1 Beta (aka 0.1.1b) allows remote malicious users to execute arbitrary PHP code via a URL in the menu parameter.
Digital Eye Gallery Digital Eye Gallery 1.1 Beta
Digital Eye Gallery Digital Eye Gallery 0.1.1b
1 EDB exploit
9
CVSSv2
CVE-2020-28688
The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote malicious users to upload arbitrary files.
Artworks Gallery In Php\\, Css\\, Javascript\\, And Mysql Project Artworks Gallery In Php\\, Css\\, Javascript\\, And Mysql 1.0
9
CVSSv2
CVE-2020-28687
The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote malicious users to upload arbitrary files.
Artworks Gallery In Php\\, Css\\, Javascript\\, And Mysql Project Artworks Gallery In Php\\, Css\\, Javascript\\, And Mysql 1.0
9
CVSSv2
CVE-2015-9228
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php.
Imagely Nextgen Gallery 2.1.10
Imagely Nextgen Gallery 2.0.66.29
Imagely Nextgen Gallery 2.0.66.27
Imagely Nextgen Gallery 2.0.66.26
Imagely Nextgen Gallery 2.0.66.17
Imagely Nextgen Gallery 2.0.25
Imagely Nextgen Gallery 2.0.23
Imagely Nextgen Gallery 2.0.21
Imagely Nextgen Gallery 2.0.17
Imagely Nextgen Gallery 1.9.3
Imagely Nextgen Gallery 1.9.2
Imagely Nextgen Gallery 1.9.1
Imagely Nextgen Gallery 1.9.0
Imagely Nextgen Gallery 1.8.4
Imagely Nextgen Gallery 1.5.5
Imagely Nextgen Gallery 1.5.4
Imagely Nextgen Gallery 1.5.3
Imagely Nextgen Gallery 1.5.2
Imagely Nextgen Gallery 2.1.9
Imagely Nextgen Gallery 2.1.2
Imagely Nextgen Gallery 2.0.79
Imagely Nextgen Gallery 2.0.74
9
CVSSv2
CVE-2006-1668
newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and previous versions allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter an...
Crafty Syntax Image Gallery Crafty Syntax Image Gallery
1 EDB exploit
9
CVSSv2
CVE-2005-4800
Direct static code injection vulnerability in Yet Another PHP Image Gallery (YaPIG) 0.95b and previous versions allows remote authenticated administrators to inject arbitrary PHP code via the TestGallery parameter in a mod_info action to modify_gallery.php, which inserts the code...
Yapig Yapig 0.95
Yapig Yapig
Yapig Yapig 0.92b
Yapig Yapig 0.93u
Yapig Yapig 0.94u
7.8
CVSSv2
CVE-2009-2922
Absolute path traversal vulnerability in pixaria.image.php in Pixaria Gallery 2.0.0 up to and including 2.3.5 allows remote malicious users to read arbitrary files via a base64-encoded file parameter.
Pixaria Pixaria Gallery 2.3.5
Pixaria Pixaria Gallery 2.0.0
1 EDB exploit
7.8
CVSSv2
CVE-2009-0331
Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then thi...
Quirm Espg 1.72
1 EDB exploit
7.8
CVSSv2
CVE-2007-2642
Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the lang2 parameter.
R2k R2k Gallery 1.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »