Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project gallery vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-24349
This Gallery from files WordPress plugin up to and including 1.6.0 gives the functionality of uploading images to the server. But filenames are not properly sanitized before being output in an error message when they have an invalid extension, leading to a reflected Cross-Site Sc...
Gallery From Files Project Gallery From Files
NA
CVE-2023-25473
Cross-Site Request Forgery (CSRF) vulnerability in Miro Mannino Flickr Justified Gallery plugin <= 3.5 versions.
Flickr Justified Gallery Project Flickr Justified Gallery
4.3
CVSSv2
CVE-2017-17869
The mgl-instagram-gallery plugin for WordPress has XSS via the single-gallery.php media parameter.
Mgl-instagram-gallery Project Mgl-instagram-gallery -
4.3
CVSSv2
CVE-2014-6315
Multiple cross-site scripting (XSS) vulnerabilities in the Web-Dorado Photo Gallery plugin 1.1.30 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) callback, (2) dir, or (3) extensions parameter in an addImages act...
Photo Gallery Plugin Project Photo Gallery Plugin 1.1.30
NA
CVE-2023-0961
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. This affects an unknown part of the file view_music_details.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. It is possible...
Music Gallery Site Project Music Gallery Site 1.0
NA
CVE-2023-1053
A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical. This issue affects some unknown processing of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The associate...
Music Gallery Site Project Music Gallery Site 1.0
7.5
CVSSv2
CVE-2015-7527
lib/core.php in the Cool Video Gallery plugin 1.9 for WordPress allows remote malicious users to execute arbitrary code via shell metacharacters in the "Width of preview image" and possibly other input fields in the "Video Gallery Settings" page.
Cool Video Gallery Project Cool Video Gallery 1.9
NA
CVE-2023-2776
A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-229282 is the identifier assigned to this vulne...
Simple Photo Gallery Project Simple Photo Gallery 1.0
NA
CVE-2023-1054
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. ...
Music Gallery Site Project Music Gallery Site 1.0
6.8
CVSSv2
CVE-2014-9441
Multiple cross-site request forgery (CSRF) vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site...
Lightbox Photo Gallery Project Lightbox Photo Gallery 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »