Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2005-0221
Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 Alpha allows remote malicious users to inject arbitrary web script or HTML via the g2_form[subject] field.
Gallery Project Gallery 2.0 Alpha
445
VMScore
CVE-2005-0222
main.php in Gallery 2.0 Alpha allows remote malicious users to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message.
Gallery Project Gallery 2.0 Alpha
668
VMScore
CVE-2012-4919
Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability
Gallery Project Gallery 1.4
668
VMScore
CVE-2002-2123
PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote malicious users to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter.
Gallery Project Gallery 1.3.2
668
VMScore
CVE-2002-2130
publish_xp_docs.php in Gallery 1.3.2 allows remote malicious users to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.
Gallery Project Gallery 1.3.2
570
VMScore
CVE-2006-1126
Gallery 2 up to 2.0.2 allows remote malicious users to spoof their IP address via a modified X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTE_ADDR.
Gallery Project Gallery 2.0.2
755
VMScore
CVE-2004-1466
The set_time_limit function in Gallery prior to 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote malicious users to upload and execute execute arbitrary scripts before they are dele...
Gallery Project Gallery 1.4.4
1 EDB exploit
409
VMScore
CVE-2005-2596
User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries.
Gallery Project Gallery 1.3.4
755
VMScore
CVE-2012-6653
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin prior to 1.2.0 for WordPress has unspecified impact and attack vectors.
All Video Gallery Plugin Project All Video Gallery Plugin 1.0.0
All Video Gallery Plugin Project All Video Gallery Plugin
1 EDB exploit
NA
CVE-2022-3991
The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the update() function in versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for auth...
Photospace Gallery Project Photospace Gallery
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »