Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo gallery vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2008-6790
The admin module in MindDezign Photo Gallery 2.2 allows remote malicious users to add administrative users and gain privileges via a modified username parameter in an edit account action to index.php.
Minddezign Photo Gallery 2.2
1 EDB exploit
NA
CVE-2023-2568
The Photo Gallery by Ays WordPress plugin prior to 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Ays-pro Photo Gallery
4.3
CVSSv2
CVE-2007-5888
Cross-site scripting (XSS) vulnerability in displayecard.php in Coppermine Photo Gallery (CPG) prior to 1.4.14 allows remote malicious users to inject arbitrary web script or HTML via the data parameter.
Coppermine Coppermine Photo Gallery
NA
CVE-2023-39917
Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.2.6 versions.
Ays-pro Photo Gallery
7.5
CVSSv2
CVE-2015-1055
SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote malicious users to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php.
10web Photo Gallery 1.2.7
10
CVSSv2
CVE-2007-1414
Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote malicious users to execute arbitrary PHP code via a URL in the (1) cmd parameter to (a) image_processor.php or (b) picmgmt.inc.php, or the (2) path parameter to (c) include/functions...
Coppermine Coppermine Photo Gallery
7.5
CVSSv2
CVE-2008-6348
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id parameter to gallery_category.php, (2) photo_id parameter to gallery_photo.php, and the (3) user_name and (4) user_pass para...
Developiteasy Photo Gallery 1.2
1 EDB exploit
6.5
CVSSv2
CVE-2021-24462
The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin prior to 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, ...
Ays-pro Photo Gallery
7.5
CVSSv2
CVE-2005-2216
PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and previous versions allows remote malicious users to execute arbitrary code via the news_file parameter.
Photogal Photogal Photo Gallery
6.8
CVSSv2
CVE-2007-5224
inc/exif.inc.php in Original Photo Gallery 0.11.2 and previous versions allows remote malicious users to execute arbitrary programs via the exif_prog parameter, which is specified in an exec function call.
Jimmac Original Photo Gallery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »