Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2013-3684
NextGEN Gallery plugin prior to 1.9.13 for WordPress: ngggallery.php file upload
Imagely Nextgen Gallery
1 EDB exploit
1000
VMScore
CVE-2012-3575
Unrestricted file upload vulnerability in uploader.php in the RBX Gallery plugin 2.1 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/rbxslider.
Rbx Gallery Rbx Gallery 2.1
1 EDB exploit
1000
VMScore
CVE-2008-4509
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the ro...
Foss Gallery Foss Gallery 1.0
3 EDB exploits
1000
VMScore
CVE-2008-0735
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote malicious users to execute arbitrary SQL commands via the albums parameter.
Auracms Auracms 2.2
1 EDB exploit
1000
VMScore
CVE-2007-4916
Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo &...
Hp Photo And Imaging Gallery 1.1
Hp All-in-on Printer
2 EDB exploits
1000
VMScore
CVE-2007-2715
Admin/users.php in Snaps! Gallery 1.4.4 allows remote malicious users to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.
Snaps Gallery Snaps Gallery 1.4.4
1 EDB exploit
935
VMScore
CVE-2007-1600
PHP remote file inclusion vulnerability in module.php in Digital Eye Gallery 1.1 Beta (aka 0.1.1b) allows remote malicious users to execute arbitrary PHP code via a URL in the menu parameter.
Digital Eye Gallery Digital Eye Gallery 1.1 Beta
Digital Eye Gallery Digital Eye Gallery 0.1.1b
1 EDB exploit
905
VMScore
CVE-2006-1668
newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and previous versions allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter an...
Crafty Syntax Image Gallery Crafty Syntax Image Gallery
1 EDB exploit
890
VMScore
CVE-2019-14313
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin prior to 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote malicious user to execute arbitrary SQL commands on the affected system via filemanager/model.php.
10web Photo Gallery
890
VMScore
CVE-2012-2405
Gallery 2 prior to 2.3.2 and 3 prior to 3.0.3 does not properly implement encryption, which has unspecified impact and attack vectors, a different vulnerability than CVE-2012-1113.
Maian Gallery 2.3
Maian Gallery 2.3.1
Menalto Gallery 2.2.6
Maian Gallery 3.0.1
Maian Gallery 3.0.2
Maian Gallery 3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »