Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-0407
SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote malicious users to execute arbitrary SQL commands via a crafted URI, as demonstrated by Gallery/gal_id/1/image1,1.html. NOTE: some of thes...
Phenotype-cms Phenotype Cms 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4979
Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) where[], (2) sort, (3) order, and (4) Match parameters.
Keil-software Photokorn Gallery
7.5
CVSSv2
CVE-2010-2910
SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the Itemid parameter to index.php.
Alexred Com Oziogallery
1 EDB exploit
7.5
CVSSv2
CVE-2010-2696
SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote malicious users to execute arbitrary SQL commands via the parent parameter.
Sijio Community Software
1 EDB exploit
7.5
CVSSv2
CVE-2010-2335
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed prior to 20100618, allows remote malicious users to execute arbitrary SQL commands via the news parameter.
Yamamah Yamamah 1.00
2 EDB exploits
7.5
CVSSv2
CVE-2010-2141
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote malicious users to execute arbitrary SQL commands via the PictureId parameter in an open action.
Nitropowered Nitro Web Gallery 1.4.3a
Nitropowered Nitro Web Gallery 1.4.3
Nitropowered Nitro Web Gallery 1.4
Nitropowered Nitro Web Gallery 1.3
Nitropowered Nitro Web Gallery 1.4.2
Nitropowered Nitro Web Gallery 1.4.1
1 EDB exploit
7.5
CVSSv2
CVE-2010-2126
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote malicious users to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.php, (6) admin/gallery/ind...
Snipegallery Snipe Gallery 3.1.5
2 EDB exploits
7.5
CVSSv2
CVE-2010-2127
PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the lang_file parameter.
Jv2design Jv2 Folder Gallery 3.1
1 EDB exploit
7.5
CVSSv2
CVE-2010-2035
Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote malicious users to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
Percha Com Perchagallery 1.6
1 EDB exploit
7.5
CVSSv2
CVE-2010-1300
SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote malicious users to execute arbitrary SQL commands via the calbums parameter.
Yamamah Yamamah 1.00
4 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »