Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery gallery vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-2087
Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 prior to 3.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) movie title to modules/gallery/controllers/movies.php or (2) key variable to modules/gallery/views/error_admin.html.php.
Galleryproject Gallery 3.0.6
Galleryproject Gallery 3.0.5
Galleryproject Gallery 3.0.4
Galleryproject Gallery 3.0.3
Galleryproject Gallery 3.0.1
Galleryproject Gallery 3.0.2
Galleryproject Gallery 3.0
755
VMScore
CVE-2003-1227
PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote malicious users to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002...
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4
1 EDB exploit
755
VMScore
CVE-2007-2457
PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery prior to 1.4.3 allows remote malicious users to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter.
Pixaria Pixaria Gallery 1.2.1
Pixaria Pixaria Gallery 1.0.5
Pixaria Pixaria Gallery 1.1.1
Pixaria Pixaria Gallery 1.4
Pixaria Pixaria Gallery 1.1.5
Pixaria Pixaria Gallery 1.1.6
Pixaria Pixaria Gallery 1.3.3
Pixaria Pixaria Gallery 1.2
Pixaria Pixaria Gallery 1.0.3
Pixaria Pixaria Gallery 1.3
Pixaria Pixaria Gallery 1.1.3
Pixaria Pixaria Gallery 1.4.1
Pixaria Pixaria Gallery 1.4.2
Pixaria Pixaria Gallery 1.1.4
Pixaria Pixaria Gallery 1.0.2
Pixaria Pixaria Gallery 1.0.4
Pixaria Pixaria Gallery 1.3.1
Pixaria Pixaria Gallery 1.1
Pixaria Pixaria Gallery 1.1.2
Pixaria Pixaria Gallery 1.3.2
Pixaria Pixaria Gallery 1.0.1
1 EDB exploit
755
VMScore
CVE-2007-2458
Multiple PHP remote file inclusion vulnerabilities in Pixaria Gallery prior to 1.4.3 allow remote malicious users to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter to psg.smarty.lib.php and certain include and library scripts, a different vector than CV...
Pixaria Pixaria Gallery 1.2.1
Pixaria Pixaria Gallery 1.0.5
Pixaria Pixaria Gallery 1.1.1
Pixaria Pixaria Gallery 1.4
Pixaria Pixaria Gallery 1.1.5
Pixaria Pixaria Gallery 1.1.6
Pixaria Pixaria Gallery 1.3.3
Pixaria Pixaria Gallery 1.2
Pixaria Pixaria Gallery 1.0.3
Pixaria Pixaria Gallery 1.3
Pixaria Pixaria Gallery 1.1.3
Pixaria Pixaria Gallery 1.4.1
Pixaria Pixaria Gallery 1.4.2
Pixaria Pixaria Gallery 1.1.4
Pixaria Pixaria Gallery 1.0.2
Pixaria Pixaria Gallery 1.0.4
Pixaria Pixaria Gallery 1.3.1
Pixaria Pixaria Gallery 1.1
Pixaria Pixaria Gallery 1.1.2
Pixaria Pixaria Gallery 1.3.2
Pixaria Pixaria Gallery 1.0.1
1 EDB exploit
383
VMScore
CVE-2012-1113
Multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem in Gallery 2 prior to 2.3.2 and 3 prior to 3.0.3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Maian Gallery 2.3.1
Menalto Gallery 2.2.6
Maian Gallery 2.3
Maian Gallery 3.0.1
Maian Gallery 3.0.2
Maian Gallery 3.0
890
VMScore
CVE-2012-2405
Gallery 2 prior to 2.3.2 and 3 prior to 3.0.3 does not properly implement encryption, which has unspecified impact and attack vectors, a different vulnerability than CVE-2012-1113.
Maian Gallery 2.3
Maian Gallery 2.3.1
Menalto Gallery 2.2.6
Maian Gallery 3.0.1
Maian Gallery 3.0.2
Maian Gallery 3.0
383
VMScore
CVE-2013-3261
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin prior to 2.72 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter in a flag-manage-gallery action.
Photogallerycreator Flash-album-gallery 2.56
Photogallerycreator Flash-album-gallery 2.55
Photogallerycreator Flash-album-gallery 2.54
Photogallerycreator Flash-album-gallery 2.53
Photogallerycreator Flash-album-gallery 1.90
Photogallerycreator Flash-album-gallery 1.85
Photogallerycreator Flash-album-gallery 1.84
Photogallerycreator Flash-album-gallery 1.83
Photogallerycreator Flash-album-gallery 1.82
Photogallerycreator Flash-album-gallery 1.67
Photogallerycreator Flash-album-gallery 1.66
Photogallerycreator Flash-album-gallery 1.65
Photogallerycreator Flash-album-gallery 1.64
Photogallerycreator Flash-album-gallery 1.50
Photogallerycreator Flash-album-gallery 1.49
Photogallerycreator Flash-album-gallery 1.48
Photogallerycreator Flash-album-gallery 1.47
Photogallerycreator Flash-album-gallery 1.20
Photogallerycreator Flash-album-gallery 1.13
Photogallerycreator Flash-album-gallery 1.12
Photogallerycreator Flash-album-gallery 1.11
Photogallerycreator Flash-album-gallery 0.61
231
VMScore
CVE-2014-2333
Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin prior to 1.1.21 for WordPress allows remote malicious users to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information.
Marcel Brinkkemper Lazyest-gallery
Marcel Brinkkemper Lazyest-gallery 1.1.16
Marcel Brinkkemper Lazyest-gallery 1.1.15
Marcel Brinkkemper Lazyest-gallery 1.1.9.1
Marcel Brinkkemper Lazyest-gallery 1.1.9
Marcel Brinkkemper Lazyest-gallery 1.1.3.3
Marcel Brinkkemper Lazyest-gallery 1.1.3.2
Marcel Brinkkemper Lazyest-gallery 1.1.18
Marcel Brinkkemper Lazyest-gallery 1.1.17.4
Marcel Brinkkemper Lazyest-gallery 1.1.12
Marcel Brinkkemper Lazyest-gallery 1.1.11
Marcel Brinkkemper Lazyest-gallery 1.1.7.1
Marcel Brinkkemper Lazyest-gallery 1.1.7
Marcel Brinkkemper Lazyest-gallery 1.1.6
Marcel Brinkkemper Lazyest-gallery 1.1.2.1
Marcel Brinkkemper Lazyest-gallery 1.1.1.1
Marcel Brinkkemper Lazyest-gallery 1.1.19.1
Marcel Brinkkemper Lazyest-gallery 1.1.19
Marcel Brinkkemper Lazyest-gallery 1.1.14
Marcel Brinkkemper Lazyest-gallery 1.1.13
Marcel Brinkkemper Lazyest-gallery 1.1.8.1
Marcel Brinkkemper Lazyest-gallery 1.1.8
605
VMScore
CVE-2008-1841
SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Coppermine Photo Gallery (CPG) 1.4.17 and previous versions allows remote malicious users to execute arbitrary SQL commands via an input field associated with the session_id variable...
Coppermine Coppermine Photo Gallery 1.4.17
Coppermine Coppermine Photo Gallery 1.4.8
Coppermine Coppermine Photo Gallery 1.4.11
Coppermine Coppermine Photo Gallery 1.4.12
Coppermine Coppermine Photo Gallery 1.3.0
Coppermine Coppermine Photo Gallery 1.4.13
Coppermine Coppermine Photo Gallery 1.3.1
Coppermine Coppermine Photo Gallery 1.3.2
Coppermine Coppermine Photo Gallery 1.4.7
Coppermine Coppermine Photo Gallery 1.4.2
Coppermine Coppermine Photo Gallery 1.4.5
Coppermine Coppermine Photo Gallery 1.4.6
Coppermine Coppermine Photo Gallery 1.4.9
Coppermine Coppermine Photo Gallery 1.3.5
Coppermine Coppermine Photo Gallery 1.4.16
Coppermine Coppermine Photo Gallery 1.2.0rc2
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.4.14
Coppermine Coppermine Photo Gallery 1.2.0
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.4.10
Coppermine Coppermine Photo Gallery 1.3.3
383
VMScore
CVE-2012-4342
Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 prior to 3.0.4 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Menalto Gallery
Menalto Gallery 3.0.1
Menalto Gallery 3.0.2
Menalto Gallery 3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »