Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-0219
Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-pl1 allow remote malicious users to inject arbitrary web script or HTML via (1) the index field in add_comment.php, (2) set_albumName, (3) slide_index, (4) slide_full, (5) slide_loop, (6) slide_pause, (7) slide_...
Gallery Project Gallery 1.3.4 Pl1
5
CVSSv2
CVE-2005-0220
Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote malicious users to inject arbitrary web script or HTML via the username field.
Gallery Project Gallery 1.4.4 Pl2
4.3
CVSSv2
CVE-2005-0221
Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 Alpha allows remote malicious users to inject arbitrary web script or HTML via the g2_form[subject] field.
Gallery Project Gallery 2.0 Alpha
7.5
CVSSv2
CVE-2002-2130
publish_xp_docs.php in Gallery 1.3.2 allows remote malicious users to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.
Gallery Project Gallery 1.3.2
5
CVSSv2
CVE-2005-0222
main.php in Gallery 2.0 Alpha allows remote malicious users to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message.
Gallery Project Gallery 2.0 Alpha
7.5
CVSSv2
CVE-2012-4919
Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability
Gallery Project Gallery 1.4
4.6
CVSSv2
CVE-2005-2596
User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries.
Gallery Project Gallery 1.3.4
7.5
CVSSv2
CVE-2004-1466
The set_time_limit function in Gallery prior to 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote malicious users to upload and execute execute arbitrary scripts before they are dele...
Gallery Project Gallery 1.4.4
1 EDB exploit
7.5
CVSSv2
CVE-2012-6653
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin prior to 1.2.0 for WordPress has unspecified impact and attack vectors.
All Video Gallery Plugin Project All Video Gallery Plugin 1.0.0
All Video Gallery Plugin Project All Video Gallery Plugin
1 EDB exploit
NA
CVE-2022-4651
The Justified Gallery WordPress plugin prior to 1.7.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
Justified Gallery Project Justified Gallery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »