Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
photo gallery vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2007-0835
admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to execute arbitrary shell commands via shell metacharacters (";" semicolon) in the "Command line options for ImageMagick" form field, when used as an option ...
Coppermine Coppermine Photo Gallery
7.5
CVSSv2
CVE-2021-40814
The Customer Photo Gallery addon prior to 2.9.4 for PrestaShop is vulnerable to SQL injection.
Mypresta Customer Photo Gallery
6.5
CVSSv2
CVE-2021-24462
The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin prior to 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, ...
Ays-pro Photo Gallery
6.8
CVSSv2
CVE-2007-5224
inc/exif.inc.php in Original Photo Gallery 0.11.2 and previous versions allows remote malicious users to execute arbitrary programs via the exif_prog parameter, which is specified in an exec function call.
Jimmac Original Photo Gallery
6.5
CVSSv2
CVE-2014-9312
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
10web Photo Gallery 1.2.5
1 EDB exploit
NA
CVE-2023-2568
The Photo Gallery by Ays WordPress plugin prior to 5.1.7 does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Ays-pro Photo Gallery
7.5
CVSSv2
CVE-2007-3558
SQL injection vulnerability in Coppermine Photo Gallery (CPG) prior to 1.4.11 allows remote malicious users to execute arbitrary SQL commands via an album password cookie to an unspecified component.
Coppermine Coppermine Photo Gallery
1 EDB exploit
10
CVSSv2
CVE-2007-1414
Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote malicious users to execute arbitrary PHP code via a URL in the (1) cmd parameter to (a) image_processor.php or (b) picmgmt.inc.php, or the (2) path parameter to (c) include/functions...
Coppermine Coppermine Photo Gallery
5.1
CVSSv2
CVE-2008-6789
SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788.
Minddezign Photo Gallery 2.2
2 EDB exploits
7.5
CVSSv2
CVE-2005-2216
PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and previous versions allows remote malicious users to execute arbitrary code via the news_file parameter.
Photogal Photogal Photo Gallery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »