Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2014-3123
Cross-site scripting (XSS) vulnerability in admin/manage-images.php in the NextCellent Gallery plugin prior to 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, NextGEN Manage gallery, or NextGEN Manage others gallery permission to inject arb...
Wpgetready Nextcellent Gallery 1.9.16
Wpgetready Nextcellent Gallery 1.9.14
Wpgetready Nextcellent Gallery
Wpgetready Nextcellent Gallery 1.9.15
3.5
CVSSv2
CVE-2008-4530
Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x prior to 5.x-4.2, a module for Drupal, allows remote authenticated users with permissions to inject arbitrary web script or HTML via unspecified vectors related to posting of answers.
Drupal Brilliant Gallery 5.x-2.17
Drupal Brilliant Gallery 5.x-2.16
Drupal Brilliant Gallery 5.x-2.9
Drupal Brilliant Gallery 5.x-2.8
Drupal Brilliant Gallery 5.x-2.7
Drupal Brilliant Gallery 5.x-1.2
Drupal Brilliant Gallery 5.x-1.1
Drupal Brilliant Gallery
Drupal Brilliant Gallery 5.x-4.0
Drupal Brilliant Gallery 5.x-2.15
Drupal Brilliant Gallery 5.x-2.14
Drupal Brilliant Gallery 5.x-2.6
Drupal Brilliant Gallery 5.x-2.5
Drupal Brilliant Gallery 5.x-1.0
Drupal Brilliant Gallery 5.x-3.3
Drupal Brilliant Gallery 5.x-3.2
Drupal Brilliant Gallery 5.x-2.13
Drupal Brilliant Gallery 5.x-2.12
Drupal Brilliant Gallery 5.x-2.4
Drupal Brilliant Gallery 5.x-2.3
Drupal Brilliant Gallery 5.x-3.1
Drupal Brilliant Gallery 5.x-3.0
7.5
CVSSv2
CVE-2008-4531
SQL injection vulnerability in Brilliant Gallery 5.x prior to 5.x-4.2, a module for Drupal, allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338.
Drupal Brilliant Gallery 5.x-3.2
Drupal Brilliant Gallery 5.x-3.1
Drupal Brilliant Gallery 5.x-2.11
Drupal Brilliant Gallery 5.x-2.10
Drupal Brilliant Gallery 5.x-2.3
Drupal Brilliant Gallery 5.x-2.2
Drupal Brilliant Gallery
Drupal Brilliant Gallery 5.x-2.16
Drupal Brilliant Gallery 5.x-2.15
Drupal Brilliant Gallery 5.x-2.7
Drupal Brilliant Gallery 5.x-2.6
Drupal Brilliant Gallery 5.x-1.1
Drupal Brilliant Gallery 5.x-1.0
Drupal Brilliant Gallery 5.x-3.0
Drupal Brilliant Gallery 5.x-2.17
Drupal Brilliant Gallery 5.x-2.9
Drupal Brilliant Gallery 5.x-2.8
Drupal Brilliant Gallery 5.x-2.1
Drupal Brilliant Gallery 5.x-1.2
Drupal Brilliant Gallery 5.x-4.0
Drupal Brilliant Gallery 5.x-3.3
Drupal Brilliant Gallery 5.x-2.14
6.5
CVSSv2
CVE-2014-5460
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin prior to 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-ga...
Tribulant Tibulant Slideshow Gallery 1.4.4
Tribulant Tibulant Slideshow Gallery 1.4.5
Tribulant Tibulant Slideshow Gallery
Tribulant Tibulant Slideshow Gallery 1.4.2
Tribulant Tibulant Slideshow Gallery 1.4.3
Tribulant Tibulant Slideshow Gallery 1.4
Tribulant Tibulant Slideshow Gallery 1.4.1
2 EDB exploits
6.5
CVSSv2
CVE-2007-4976
Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and previous versions allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter.
Coppermine Coppermine Photo Gallery 1.4.10
Coppermine Coppermine Photo Gallery 1.4.11
Coppermine Coppermine Photo Gallery 1.4.12
Coppermine Coppermine Photo Gallery 1.4.2
Coppermine Coppermine Photo Gallery 1.4
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.4.9
1 EDB exploit
3.5
CVSSv2
CVE-2007-4977
Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the referer parameter.
Coppermine Coppermine Photo Gallery 1.4.10
Coppermine Coppermine Photo Gallery 1.4.11
Coppermine Coppermine Photo Gallery 1.4.12
Coppermine Coppermine Photo Gallery 1.4.2
Coppermine Coppermine Photo Gallery 1.4
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.4.9
1 EDB exploit
7.5
CVSSv2
CVE-2002-1412
Gallery photo album package prior to 1.3.1 allows local and possibly remote malicious users to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.
Gallery Project Gallery
1 EDB exploit
4.3
CVSSv2
CVE-2005-1172
Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote malicious users to inject arbitrary web script or HTML via the X-Forwarded-For parameter.
Coppermine Coppermine Photo Gallery 1.3
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.2.2 B
Coppermine Coppermine Photo Gallery 1.0 Rc3
Coppermine Coppermine Photo Gallery 1.1 .0
7.5
CVSSv2
CVE-2006-2976
Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery prior to 1.4.7 has unknown impact and remote attack vectors, possibly related to authorization/authentication errors.
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.4.5
Coppermine Coppermine Photo Gallery 1.4.2
Coppermine Coppermine Photo Gallery 1.4.3
Coppermine Coppermine Photo Gallery 1.4.6
Coppermine Coppermine Photo Gallery 1.4 Beta
7.5
CVSSv2
CVE-2010-2141
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote malicious users to execute arbitrary SQL commands via the PictureId parameter in an open action.
Nitropowered Nitro Web Gallery 1.4.3a
Nitropowered Nitro Web Gallery 1.4.3
Nitropowered Nitro Web Gallery 1.4
Nitropowered Nitro Web Gallery 1.3
Nitropowered Nitro Web Gallery 1.4.2
Nitropowered Nitro Web Gallery 1.4.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »