Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project gallery 2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3251
Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote malicious users to read or include arbitrary files via ".." sequences in the g2_itemId parameter.
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha3
NA
CVE-2005-4023
Unspecified vulnerability in the zipcart module in Gallery 2.0 prior to 2.0.2 allows remote malicious users to read arbitrary files via unknown vectors.
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Rc1
Gallery Project Gallery 2.0 Rc2
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0 Alpha3
NA
CVE-2005-4021
The installer for Gallery 2.0 prior to 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information.
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Rc2
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0 Rc1
NA
CVE-2006-1127
Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote malicious users to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album.
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Beta3
1 EDB exploit
NA
CVE-2006-1128
Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote malicious users to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is san...
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Alpha3
1 EDB exploit
NA
CVE-2006-1219
Directory traversal vulnerability in Gallery 2.0.3 and previous versions, and 2.1 before RC-2a, allows remote malicious users to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
Gallery Project Gallery 2.0.3
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.1 Rc1
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.1 Rc2
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
1 EDB exploit
NA
CVE-2005-0221
Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 Alpha allows remote malicious users to inject arbitrary web script or HTML via the g2_form[subject] field.
Gallery Project Gallery 2.0 Alpha
NA
CVE-2005-0222
main.php in Gallery 2.0 Alpha allows remote malicious users to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message.
Gallery Project Gallery 2.0 Alpha
NA
CVE-2005-3353
The exif_read_data function in the Exif module in PHP prior to 4.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a malformed JPEG image.
Php Php 4.0.0
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started