Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gallery project vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-5682
upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote malicious users to create arbitrary directories via vectors related to the targetDir variable.
Powerplay Gallery Project Powerplay Gallery 3.3
5
CVSSv2
CVE-2015-1000007
Remote file download vulnerability in wptf-image-gallery v1.03
Wptf-image-gallery Project Wptf-image-gallery 1.03
5
CVSSv2
CVE-2006-4030
Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and previous versions allows remote malicious users to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs."
Gallery Project Gallery 1.4.3 Pl1
Gallery Project Gallery 1.4.3 Pl2
Gallery Project Gallery 1.5
Gallery Project Gallery 1.5.1
Gallery Project Gallery 1.4
Gallery Project Gallery 1.4.4 Pl4
Gallery Project Gallery 1.4.4 Pl5
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.4.2
Gallery Project Gallery 1.4 Pl1
Gallery Project Gallery 1.4 Pl2
Gallery Project Gallery 1.4.4 Pl2
Gallery Project Gallery 1.4.4 Pl3
Gallery Project Gallery 1.5 Pl1
Gallery Project Gallery
5
CVSSv2
CVE-2006-1219
Directory traversal vulnerability in Gallery 2.0.3 and previous versions, and 2.1 before RC-2a, allows remote malicious users to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
Gallery Project Gallery 2.0.3
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.1 Rc1
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.1 Rc2
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
1 EDB exploit
5
CVSSv2
CVE-2005-4021
The installer for Gallery 2.0 prior to 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information.
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.0 Rc2
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0 Rc1
5
CVSSv2
CVE-2005-4023
Unspecified vulnerability in the zipcart module in Gallery 2.0 prior to 2.0.2 allows remote malicious users to read arbitrary files via unknown vectors.
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Rc1
Gallery Project Gallery 2.0 Rc2
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0 Alpha3
5
CVSSv2
CVE-2005-3353
The exif_read_data function in the Exif module in PHP prior to 4.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a malformed JPEG image.
Php Php 4.0.0
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.0.3
5
CVSSv2
CVE-2005-0220
Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote malicious users to inject arbitrary web script or HTML via the username field.
Gallery Project Gallery 1.4.4 Pl2
5
CVSSv2
CVE-2005-0222
main.php in Gallery 2.0 Alpha allows remote malicious users to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message.
Gallery Project Gallery 2.0 Alpha
5
CVSSv2
CVE-2004-2124
The register_globals simulation capability in Gallery 1.3.1 up to and including 1.4.1 allows remote malicious users to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412...
Gallery Project Gallery 1.4.1
Gallery Project Gallery 1.3.1
Gallery Project Gallery 1.3.2
Gallery Project Gallery 1.3.3
Gallery Project Gallery 1.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »