Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo gallery vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2008-6790
The admin module in MindDezign Photo Gallery 2.2 allows remote malicious users to add administrative users and gain privileges via a modified username parameter in an edit account action to index.php.
Minddezign Photo Gallery 2.2
1 EDB exploit
5.1
CVSSv2
CVE-2008-6788
SQL injection vulnerability in MindDezign Photo Gallery 2.2, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter in an info action to index.php.
Minddezign Photo Gallery 2.2
2 EDB exploits
7.5
CVSSv2
CVE-2015-1055
SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote malicious users to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php.
10web Photo Gallery 1.2.7
NA
CVE-2023-41658
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Photo Gallery Slideshow & Masonry Tiled Gallery plugin <= 1.0.13 versions.
I13websolution Web Solution Photo Gallery Slideshow \\& Masonry Tiled Gallery
7.5
CVSSv2
CVE-2007-4283
PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Coppermine Photo Gallery (CPG) 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the sourcedir parameter.
Coppermine Coppermine Photo Gallery 1.3.1
1 EDB exploit
4.6
CVSSv2
CVE-2019-14467
The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked.
Infoway Social Photo Gallery 1.0
NA
CVE-2023-3538
A vulnerability classified as problematic was found in SimplePHPscripts Photo Gallery PHP 2.0. This vulnerability affects unknown code of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remo...
Simplephpscripts Photo Gallery Php 2.0
7.5
CVSSv2
CVE-2010-4948
PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Phpgalleryscript Php Free Photo Gallery
1 EDB exploit
5
CVSSv2
CVE-2002-1411
Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote malicious users to read arbitrary files via .. (dot dot) sequences in the id parameter.
Duma Photo Gallery System 0.99.4
5
CVSSv2
CVE-2006-1909
Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote malicious users to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences...
Coppermine Coppermine Photo Gallery 1.4.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »