Search
Search Results (29 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4030 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs." | ||||
| CVE-2002-2130 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2003-0614 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter. | ||||
| CVE-2002-1412 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script. | ||||
| CVE-2001-1234 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. | ||||
| CVE-2005-4021 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| The installer for Gallery 2.0 before 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2006-0330 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname). | ||||
| CVE-2004-1106 | 2 Gallery Project, Gentoo | 2 Gallery, Linux | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php. | ||||
| CVE-2012-4919 | 1 Gallery Project | 1 Gallery | 2024-11-21 | 9.8 Critical |
| Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability | ||||