Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
picture gallery vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2024-34759
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VideoWhisper Picture Gallery allows Stored XSS.This issue affects Picture Gallery: from n/a up to and including 1.5.11.
Videowhisper Picture Gallery
7.5
CVSSv2
CVE-2006-2118
JMK's Picture Gallery allows remote malicious users to bypass authentication via a direct request to admin_gallery.php3, possibly related to the add action.
Jmk Web Scripts Jmk Picture Gallery
7.1
CVSSv3
CVE-2025-26581
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in videowhisper Picture Gallery allows Reflected XSS. This issue affects Picture Gallery: from n/a up to and including 1.6.2.
Videowhisper Picture Gallery
6.4
CVSSv3
CVE-2024-13584
The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_pictures' shortcode in all versions up to, and including, 1.5.19 due to insufficient input sanitizat...
Videowhisper Picture Gallery – Frontend Image Uploads, Ajax Photo List
6.4
CVSSv3
CVE-2024-12696
The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videowhisper_picture_upload_guest shortcode in all versions up to, and including, 1.5.22 due to insufficient input sanitizat...
Videowhisper Picture Gallery – Frontend Image Uploads, Ajax Photo List
4.3
CVSSv2
CVE-2008-7175
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and previous versions plugin for Wordpress allows remote malicious users to inject arbitrary web script or HTML via the picture description field in a page edit action.
Alex Rabe Nextgen Gallery
Alex Rabe Nextgen Gallery 0.33
Alex Rabe Nextgen Gallery 0.34
Alex Rabe Nextgen Gallery 0.35
Alex Rabe Nextgen Gallery 0.36
Alex Rabe Nextgen Gallery 0.37
Alex Rabe Nextgen Gallery 0.39
Alex Rabe Nextgen Gallery 0.40
Alex Rabe Nextgen Gallery 0.41
Alex Rabe Nextgen Gallery 0.42
Alex Rabe Nextgen Gallery 0.43
Alex Rabe Nextgen Gallery 0.50
4.6
CVSSv3
CVE-2024-20827
Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical malicious users to access the picture using physical keyboard on the lockscreen.
Samsung Gallery
6.8
CVSSv2
CVE-2008-0506
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) prior to 1.4.15, when the ImageMagick picture processing method is configured, allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angle, or (3) clipval para...
Coppermine Coppermine Photo Gallery
1 EDB exploit
7.2
CVSSv3
CVE-2022-40932
In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery" file of the "Gallery" module in the background management system.
Phpgurukul Zoo Management System 1.0
5
CVSSv2
CVE-2006-4875
Unrestricted file upload vulnerability in modules/galleryuploadfunction.php in Jupiter CMS allows remote malicious users to upload picture files, and possibly files with arbitrary extensions, to gallery/albums/public.
Jupiter Cms Jupiter Cms
1 EDB exploit
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-46656
unknown
CVE-2025-46577
CVE-2025-32979
paicoding
XPath injection
hackmd
CVE-2025-3643
opplus
CSRF
local users
CVE-2025-32433
CVE-2025-32432
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon