Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-1002028
Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in ./wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query.
Angrybyte Gallery-transformation 1.0
7.5
CVSSv2
CVE-2017-1002013
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/admin_setting.php.
Anblik Image-gallery-with-slideshow 1.5.2
7.5
CVSSv2
CVE-2017-1002014
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via gallery_name parameter.
Anblik Image-gallery-with-slideshow 1.5.2
7.5
CVSSv2
CVE-2017-1002015
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via selectMulGallery parameter.
Anblik Image-gallery-with-slideshow 1.5.2
7.5
CVSSv2
CVE-2017-1002012
Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/admin_setting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement.
Anblik Image-gallery-with-slideshow 1.5.2
7.5
CVSSv2
CVE-2016-1000113
XSS and SQLi in huge IT gallery v1.1.5 for Joomla
Huge-it Gallery 1.1.5
7.5
CVSSv2
CVE-2016-1000123
Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
Huge-it Video Gallery 1.0.9
1 EDB exploit
7.5
CVSSv2
CVE-2016-1000125
Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
Huge-it Huge-it Catalog 1.0.7
1 EDB exploit
7.5
CVSSv2
CVE-2016-1000124
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
Huge-it Portfolio Gallery 1.0.6
1 EDB exploit
7.5
CVSSv2
CVE-2015-7527
lib/core.php in the Cool Video Gallery plugin 1.9 for WordPress allows remote malicious users to execute arbitrary code via shell metacharacters in the "Width of preview image" and possibly other input fields in the "Video Gallery Settings" page.
Cool Video Gallery Project Cool Video Gallery 1.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »