ansel vulnerabilities and exploits

7.5
CVSSv2
CVE-2004-2266

SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter....

7.5
CVSSv2
CVE-2004-2203

Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories....

4.3
CVSSv2
CVE-2004-2267

Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name....