Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project gallery vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-2130
publish_xp_docs.php in Gallery 1.3.2 allows remote malicious users to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.
Gallery Project Gallery 1.3.2
570
VMScore
CVE-2006-1126
Gallery 2 up to 2.0.2 allows remote malicious users to spoof their IP address via a modified X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTE_ADDR.
Gallery Project Gallery 2.0.2
755
VMScore
CVE-2004-1466
The set_time_limit function in Gallery prior to 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote malicious users to upload and execute execute arbitrary scripts before they are dele...
Gallery Project Gallery 1.4.4
1 EDB exploit
445
VMScore
CVE-2005-0220
Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote malicious users to inject arbitrary web script or HTML via the username field.
Gallery Project Gallery 1.4.4 Pl2
383
VMScore
CVE-2005-0221
Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 Alpha allows remote malicious users to inject arbitrary web script or HTML via the g2_form[subject] field.
Gallery Project Gallery 2.0 Alpha
445
VMScore
CVE-2005-0222
main.php in Gallery 2.0 Alpha allows remote malicious users to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message.
Gallery Project Gallery 2.0 Alpha
668
VMScore
CVE-2012-4919
Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability
Gallery Project Gallery 1.4
383
VMScore
CVE-2005-0219
Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-pl1 allow remote malicious users to inject arbitrary web script or HTML via (1) the index field in add_comment.php, (2) set_albumName, (3) slide_index, (4) slide_full, (5) slide_loop, (6) slide_pause, (7) slide_...
Gallery Project Gallery 1.3.4 Pl1
755
VMScore
CVE-2012-6653
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin prior to 1.2.0 for WordPress has unspecified impact and attack vectors.
All Video Gallery Plugin Project All Video Gallery Plugin 1.0.0
All Video Gallery Plugin Project All Video Gallery Plugin
1 EDB exploit
755
VMScore
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin prior to 3.1.4 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to t...
Reflex Gallery Project Reflex Gallery
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »