Search
Search Results (29 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0220 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote attackers to inject arbitrary web script or HTML via the username field. | ||||
| CVE-2005-0222 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| main.php in Gallery 2.0 Alpha allows remote attackers to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message. | ||||
| CVE-2005-4023 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Unspecified vulnerability in the zipcart module in Gallery 2.0 before 2.0.2 allows remote attackers to read arbitrary files via unknown vectors. | ||||
| CVE-2006-0330 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname). | ||||
| CVE-2006-4030 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs." | ||||
| CVE-2002-2130 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-1466 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| The set_time_limit function in Gallery before 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote attackers to upload and execute execute arbitrary scripts before they are deleted, if the temporary directory is under the web root. | ||||
| CVE-2005-4022 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the "Add Image From Web" feature in Gallery 2.0 before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | ||||
| CVE-2012-4919 | 1 Gallery Project | 1 Gallery | 2024-11-21 | 9.8 Critical |
| Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability | ||||