Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-3478
SQL injection vulnerability in Apptha WordPress Video Gallery 2.0, 1.6, and previous versions for WordPress allows remote malicious users to execute arbitrary SQL commands via the playid parameter to index.php.
Apptha Video Gallery Plugin 1.6
Apptha Video Gallery Plugin 2.0
7.5
CVSSv2
CVE-2013-2240
lib/flowplayer.swf.php in Gallery 3 prior to 3.0.9 does not properly remove query fragments, which allows remote malicious users to have an unspecified impact via a replay attack, a different vulnerability than CVE-2013-2138.
Menalto Gallery 3.0.5
Menalto Gallery 3.0.6
Menalto Gallery 3.0.7
Menalto Gallery 3.0.8
Menalto Gallery 3.0
Menalto Gallery 3.0.1
Menalto Gallery 3.0.2
Menalto Gallery 3.0.3
Menalto Gallery 3.0.4
7.5
CVSSv2
CVE-2013-2138
The (1) uploadify and (2) flowplayer SWF files in Gallery 3 prior to 3.0.8 do not properly remove query parameters and fragments, which allows remote malicious users to have an unspecified impact via a replay attack.
Menalto Gallery 3.0.2
Menalto Gallery 3.0.3
Menalto Gallery 3.0.4
Menalto Gallery 3.0.5
Menalto Gallery 3.0
Menalto Gallery 3.0.1
Menalto Gallery 3.0.6
Menalto Gallery
7.5
CVSSv2
CVE-2012-4479
SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
David Alkire Drag \\& Drop Gallery 6.x-1.5
7.5
CVSSv2
CVE-2012-5304
Static code injection vulnerability in administration/install.php in YVS Image Gallery allows remote malicious users to inject arbitrary PHP code into functions/db_connect.php via unspecified vectors. NOTE: this is only a vulnerability when the administrator does not follow recom...
Yuriy V Semenikhin Yvs Image Gallery -
7.5
CVSSv2
CVE-2012-4343
Multiple unspecified vulnerabilities in Gallery 3 prior to 3.0.4 allow malicious users to execute arbitrary PHP code via unknown vectors.
Menalto Gallery 3.0.2
Menalto Gallery 3.0
Menalto Gallery 3.0.1
Menalto Gallery
7.5
CVSSv2
CVE-2010-5041
SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote malicious users to execute arbitrary SQL commands via the id parameter in a plugin action.
John Bradshaw Np Gallery Plugin 0.94
1 EDB exploit
7.5
CVSSv2
CVE-2010-4968
SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the Itemid parameter to index.php.
Webmaster-tips Com Wmtpic 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-4948
PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Phpgalleryscript Php Free Photo Gallery
1 EDB exploit
7.5
CVSSv2
CVE-2011-0519
SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Gallarific Php Photo Gallery Script 2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »