Filtered by vendor Gallery Project
Subscribe
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2596 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 4.6 MEDIUM | N/A |
| User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries. | |||||
| CVE-2005-2734 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. | |||||
| CVE-2006-1696 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | |||||
| CVE-2002-2123 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter. | |||||
| CVE-2005-0222 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| main.php in Gallery 2.0 Alpha allows remote attackers to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message. | |||||
| CVE-2005-4023 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the zipcart module in Gallery 2.0 before 2.0.2 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2006-0330 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname). | |||||
| CVE-2005-0220 | 1 Gallery Project | 1 Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote attackers to inject arbitrary web script or HTML via the username field. | |||||
| CVE-2012-4919 | 1 Gallery Project | 1 Gallery | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability | |||||