Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-0060
The Responsive Gallery Grid WordPress plugin prior to 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-S...
Responsive Gallery Grid Project Responsive Gallery Grid
8.8
CVSSv3
CVE-2023-41876
Cross-Site Request Forgery (CSRF) vulnerability in Hardik Kalathiya WP Gallery Metabox plugin <= 1.0.0 versions.
Wp Gallery Metabox Project Wp Gallery Metabox
4.8
CVSSv3
CVE-2022-4142
The WordPress Filter Gallery Plugin WordPress plugin prior to 0.1.6 does not properly escape the filters passed in the ufg_gallery_filters ajax action before outputting them on the page, allowing a high privileged user such as an administrator to inject HTML or javascript to the ...
Wordpress Filter Gallery Project Wordpress Filter Gallery
NA
CVE-2014-9441
Multiple cross-site request forgery (CSRF) vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site...
Lightbox Photo Gallery Project Lightbox Photo Gallery 1.0
9.8
CVSSv3
CVE-2023-37152
Projectworlds Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Note: This has been disputed as not a valid vulnerability.
Online Art Gallery Project Online Art Gallery 1.0
9.8
CVSSv3
CVE-2023-0961
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. This affects an unknown part of the file view_music_details.php of the component GET Request Handler. The manipulation of the argument id leads to sql injection. It is possible...
Music Gallery Site Project Music Gallery Site 1.0
9.8
CVSSv3
CVE-2023-0963
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file Users.php of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be initiat...
Music Gallery Site Project Music Gallery Site 1.0
9.8
CVSSv3
CVE-2023-1054
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. ...
Music Gallery Site Project Music Gallery Site 1.0
NA
CVE-2014-6315
Multiple cross-site scripting (XSS) vulnerabilities in the Web-Dorado Photo Gallery plugin 1.1.30 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) callback, (2) dir, or (3) extensions parameter in an addImages act...
Photo Gallery Plugin Project Photo Gallery Plugin 1.1.30
9.8
CVSSv3
CVE-2023-0938
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file music_list.php of the component GET Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate th...
Music Gallery Site Project Music Gallery Site 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »