Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery gallery vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2004-2124
The register_globals simulation capability in Gallery 1.3.1 up to and including 1.4.1 allows remote malicious users to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412...
Gallery Project Gallery 1.3.1
Gallery Project Gallery 1.3.2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.3.3
Gallery Project Gallery 1.4
1 EDB exploit
655
VMScore
CVE-2008-0504
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) prior to 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom...
Coppermine-gallery Coppermine Photo Gallery 1.4.11
Coppermine-gallery Coppermine Photo Gallery 1.2.0
Coppermine-gallery Coppermine Photo Gallery
Coppermine-gallery Coppermine Photo Gallery 1.2.1
Coppermine-gallery Coppermine Photo Gallery 1.4.0
Coppermine-gallery Coppermine Photo Gallery 1.2
Coppermine-gallery Coppermine Photo Gallery 1.0
Coppermine-gallery Coppermine Photo Gallery 1.1
Coppermine-gallery Coppermine Photo Gallery 1.3.2
Coppermine-gallery Coppermine Photo Gallery 1.4
Coppermine-gallery Coppermine Photo Gallery 1.3.4
Coppermine-gallery Coppermine Photo Gallery 1.3.3
Coppermine-gallery Coppermine Photo Gallery 1.4.12
Coppermine-gallery Coppermine Photo Gallery 1.4.13
Coppermine-gallery Coppermine Photo Gallery 1.3.1
Coppermine-gallery Coppermine Photo Gallery 1.4.10
Coppermine-gallery Coppermine Photo Gallery 1.3.5
Coppermine-gallery Coppermine Photo Gallery 1.4.1
Coppermine-gallery Coppermine Photo Gallery 1.3.0
Coppermine-gallery Coppermine Photo Gallery 1.1.0
1 EDB exploit
570
VMScore
CVE-2005-3251
Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote malicious users to read or include arbitrary files via ".." sequences in the g2_itemId parameter.
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha3
755
VMScore
CVE-2008-3481
themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and previous versions allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Coppermine-gallery Coppermine Photo Gallery 1.4.17
Coppermine-gallery Coppermine Photo Gallery 1.4.11
Coppermine-gallery Coppermine Photo Gallery 1.4.14
Coppermine-gallery Coppermine Photo Gallery 1.2.0
Coppermine-gallery Coppermine Photo Gallery 1.4.8
Coppermine-gallery Coppermine Photo Gallery 1.2.1
Coppermine-gallery Coppermine Photo Gallery 1.4.7
Coppermine-gallery Coppermine Photo Gallery 1.4.0
Coppermine-gallery Coppermine Photo Gallery 1.4.2
Coppermine-gallery Coppermine Photo Gallery 1.4.16
Coppermine-gallery Coppermine Photo Gallery 1.4.3
Coppermine-gallery Coppermine Photo Gallery 1.4.15
Coppermine-gallery Coppermine Photo Gallery 1.0
Coppermine-gallery Coppermine Photo Gallery 1.4.5
Coppermine-gallery Coppermine Photo Gallery 1.1
Coppermine-gallery Coppermine Photo Gallery 1.4.4
Coppermine-gallery Coppermine Photo Gallery 1.4.9
Coppermine-gallery Coppermine Photo Gallery
Coppermine-gallery Coppermine Photo Gallery 1.4.12
Coppermine-gallery Coppermine Photo Gallery 1.4.13
Coppermine-gallery Coppermine Photo Gallery 1.4.10
Coppermine-gallery Coppermine Photo Gallery 1.4.6
1 EDB exploit
755
VMScore
CVE-2008-3486
Directory traversal vulnerability in the user_get_profile function in include/functions.inc.php in Coppermine Photo Gallery (CPG) 1.4.18 and previous versions, when the charset is utf-8, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot)...
Coppermine-gallery Coppermine Photo Gallery 1.4.17
Coppermine-gallery Coppermine Photo Gallery 1.4.11
Coppermine-gallery Coppermine Photo Gallery 1.4.14
Coppermine-gallery Coppermine Photo Gallery 1.2.0
Coppermine-gallery Coppermine Photo Gallery 1.4.8
Coppermine-gallery Coppermine Photo Gallery 1.2.1
Coppermine-gallery Coppermine Photo Gallery 1.4.7
Coppermine-gallery Coppermine Photo Gallery 1.4.0
Coppermine-gallery Coppermine Photo Gallery 1.4.2
Coppermine-gallery Coppermine Photo Gallery 1.4.16
Coppermine-gallery Coppermine Photo Gallery 1.4.3
Coppermine-gallery Coppermine Photo Gallery 1.4.15
Coppermine-gallery Coppermine Photo Gallery 1.0
Coppermine-gallery Coppermine Photo Gallery 1.4.5
Coppermine-gallery Coppermine Photo Gallery 1.1
Coppermine-gallery Coppermine Photo Gallery 1.4.4
Coppermine-gallery Coppermine Photo Gallery 1.4.9
Coppermine-gallery Coppermine Photo Gallery
Coppermine-gallery Coppermine Photo Gallery 1.4.12
Coppermine-gallery Coppermine Photo Gallery 1.4.13
Coppermine-gallery Coppermine Photo Gallery 1.4.10
Coppermine-gallery Coppermine Photo Gallery 1.4.6
1 EDB exploit
605
VMScore
CVE-2004-1106
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and previous versions allows remote malicious users to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4
Gentoo Linux
890
VMScore
CVE-2004-0522
Gallery 1.4.3 and previous versions allows remote malicious users to bypass authentication and obtain Gallery administrator privileges.
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4
Debian Debian Linux 3.0
409
VMScore
CVE-2003-0771
Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.
Apache Gallery Apache Gallery 0.4
Apache Gallery Apache Gallery 0.5.1
Apache Gallery Apache Gallery 0.6
Apache Gallery Apache Gallery 0.5
Apache Gallery Apache Gallery 0.4.1
668
VMScore
CVE-2001-1234
Bharat Mediratta Gallery PHP script prior to 1.2.1 allows remote malicious users to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable.
Gallery Project Gallery 1.1
Gallery Project Gallery 1.2.1
Gallery Project Gallery 1.2
534
VMScore
CVE-2010-4353
Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery prior to 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct ...
Menalto Gallery 2.2.1
Menalto Gallery 1.6
Menalto Gallery 2.2.3
Menalto Gallery
Menalto Gallery 1.5.7
Menalto Gallery 2.2.4
Menalto Gallery 2.1.1
Menalto Gallery 2.1.2
Menalto Gallery 2.1
Menalto Gallery 2.2.0
Menalto Gallery 2.2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »