Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-0407
SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote malicious users to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of thes...
Phenotype-cms Phenotype Cms 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4979
Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) where[], (2) sort, (3) order, and (4) Match parameters.
Keil-software Photokorn Gallery
7.5
CVSSv2
CVE-2010-2910
SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the Itemid parameter to index.php.
Alexred Com Oziogallery
1 EDB exploit
7.5
CVSSv2
CVE-2010-2696
SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote malicious users to execute arbitrary SQL commands via the parent parameter.
Sijio Community Software
1 EDB exploit
7.5
CVSSv2
CVE-2010-2335
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed prior to 20100618, allows remote malicious users to execute arbitrary SQL commands via the news parameter.
Yamamah Yamamah 1.00
2 EDB exploits
7.5
CVSSv2
CVE-2010-2141
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote malicious users to execute arbitrary SQL commands via the PictureId parameter in an open action.
Nitropowered Nitro Web Gallery 1.4.3a
Nitropowered Nitro Web Gallery 1.4.3
Nitropowered Nitro Web Gallery 1.4
Nitropowered Nitro Web Gallery 1.3
Nitropowered Nitro Web Gallery 1.4.2
Nitropowered Nitro Web Gallery 1.4.1
1 EDB exploit
7.5
CVSSv2
CVE-2010-2126
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote malicious users to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.php, (6) admin/gallery/ind...
Snipegallery Snipe Gallery 3.1.5
2 EDB exploits
7.5
CVSSv2
CVE-2010-2127
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the lang_file parameter.
Jv2design Jv2 Folder Gallery 3.1
1 EDB exploit
7.5
CVSSv2
CVE-2010-2035
Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote malicious users to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
Percha Com Perchagallery 1.6
1 EDB exploit
7.5
CVSSv2
CVE-2010-1300
SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote malicious users to execute arbitrary SQL commands via the calbums parameter.
Yamamah Yamamah 1.00
4 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »