Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo gallery vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-14798
The 10Web Photo Gallery plugin prior to 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter.
10web Photo Gallery
4.3
CVSSv2
CVE-2006-3032
Multiple cross-site scripting (XSS) vulnerabilities in Xtreme ASP Photo Gallery 1.05 and previous versions, and possibly 2.0 (trial), allow remote malicious users to inject arbitrary web script or HTML via the (1) catname and (2) total parameters in (a) displaypic.asp, and the (3...
Pensacola Web Designs Xtreme Asp Photo Gallery 1.05
Pensacola Web Designs Xtreme Asp Photo Gallery 2.0
7.5
CVSSv2
CVE-2016-10921
The gallery-photo-gallery plugin prior to 1.0.1 for WordPress has SQL injection.
Ays-pro Photo Gallery
NA
CVE-2023-32107
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions.
Ays-pro Photo Gallery
6.8
CVSSv2
CVE-2008-0506
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) prior to 1.4.15, when the ImageMagick picture processing method is configured, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval para...
Coppermine Coppermine Photo Gallery
1 EDB exploit
6
CVSSv2
CVE-2007-0115
Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via the Username to login.php, which is injected into an error message in security.log.php, which can then be acce...
Coppermine Coppermine Photo Gallery
6.5
CVSSv2
CVE-2014-9312
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
10web Photo Gallery 1.2.5
1 EDB exploit
7.5
CVSSv2
CVE-2007-3558
SQL injection vulnerability in Coppermine Photo Gallery (CPG) prior to 1.4.11 allows remote malicious users to execute arbitrary SQL commands via an album password cookie to an unspecified component.
Coppermine Coppermine Photo Gallery
1 EDB exploit
5.1
CVSSv2
CVE-2008-6788
SQL injection vulnerability in MindDezign Photo Gallery 2.2, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter in an info action to index.php.
Minddezign Photo Gallery 2.2
2 EDB exploits
5.1
CVSSv2
CVE-2008-6789
SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788.
Minddezign Photo Gallery 2.2
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »