Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo gallery vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-14313
A SQL injection vulnerability exists in the 10Web Photo Gallery plugin prior to 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote malicious user to execute arbitrary SQL commands on the affected system via filemanager/model.php.
10web Photo Gallery
4.3
CVSSv2
CVE-2006-3032
Multiple cross-site scripting (XSS) vulnerabilities in Xtreme ASP Photo Gallery 1.05 and previous versions, and possibly 2.0 (trial), allow remote malicious users to inject arbitrary web script or HTML via the (1) catname and (2) total parameters in (a) displaypic.asp, and the (3...
Pensacola Web Designs Xtreme Asp Photo Gallery 1.05
Pensacola Web Designs Xtreme Asp Photo Gallery 2.0
7.5
CVSSv2
CVE-2016-10921
The gallery-photo-gallery plugin prior to 1.0.1 for WordPress has SQL injection.
Ays-pro Photo Gallery
7.5
CVSSv2
CVE-2021-40814
The Customer Photo Gallery addon prior to 2.9.4 for PrestaShop is vulnerable to SQL injection.
Mypresta Customer Photo Gallery
4.3
CVSSv2
CVE-2007-5888
Cross-site scripting (XSS) vulnerability in displayecard.php in Coppermine Photo Gallery (CPG) prior to 1.4.14 allows remote malicious users to inject arbitrary web script or HTML via the data parameter.
Coppermine Coppermine Photo Gallery
6.5
CVSSv2
CVE-2021-24462
The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin prior to 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, ...
Ays-pro Photo Gallery
NA
CVE-2023-2568
The Photo Gallery by Ays WordPress plugin prior to 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Ays-pro Photo Gallery
7.5
CVSSv2
CVE-2015-1055
SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote malicious users to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php.
10web Photo Gallery 1.2.7
4
CVSSv2
CVE-2007-0836
admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to include arbitrary local and possibly remote files via the (1) "Path to custom header include" and (2) "Path to custom footer include" form fields. NOTE: Th...
Coppermine Coppermine Photo Gallery
1 EDB exploit
6.5
CVSSv2
CVE-2014-9312
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
10web Photo Gallery 1.2.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »