Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo gallery vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-40814
The Customer Photo Gallery addon prior to 2.9.4 for PrestaShop is vulnerable to SQL injection.
Mypresta Customer Photo Gallery
6.8
CVSSv2
CVE-2008-0506
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) prior to 1.4.15, when the ImageMagick picture processing method is configured, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval para...
Coppermine Coppermine Photo Gallery
1 EDB exploit
7.5
CVSSv2
CVE-2016-10921
The gallery-photo-gallery plugin prior to 1.0.1 for WordPress has SQL injection.
Ays-pro Photo Gallery
NA
CVE-2023-41658
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Photo Gallery Slideshow & Masonry Tiled Gallery plugin <= 1.0.13 versions.
I13websolution Web Solution Photo Gallery Slideshow \\& Masonry Tiled Gallery
5
CVSSv2
CVE-2002-1411
Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote malicious users to read arbitrary files via .. (dot dot) sequences in the id parameter.
Duma Photo Gallery System 0.99.4
7.5
CVSSv2
CVE-2010-4948
PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Phpgalleryscript Php Free Photo Gallery
1 EDB exploit
4.3
CVSSv2
CVE-2009-1616
Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) prior to 1.4.22 allows remote malicious users to inject arbitrary web script or HTML via the css parameter, a different vector than CVE-2008-0505.
Coppermine Coppermine Photo Gallery 1.4.22
1 EDB exploit
5
CVSSv2
CVE-2006-0873
Absolute path traversal vulnerability in docs/showdocs.php in Coppermine Photo Gallery 1.4.3 and previous versions allows remote malicious users to include arbitrary files via the f parameter, and possibly remote files using UNC share pathnames.
Coppermine Coppermine Photo Gallery 1.4.3
7.5
CVSSv2
CVE-2005-3986
Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id parameter in portfolio.php and (2) cid parameter in content.php.
Verosky Media Instant Photo Gallery
2 EDB exploits
7.5
CVSSv2
CVE-2007-4283
PHP remote file inclusion vulnerability in bridge/yabbse.inc.php in Coppermine Photo Gallery (CPG) 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the sourcedir parameter.
Coppermine Coppermine Photo Gallery 1.3.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »