Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Photokorn Gallery Security Vulnerabilities

cve
cve

CVE-2006-4670

Multiple PHP remote file inclusion vulnerabilities in PhotoKorn Gallery 1.52 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) includes/cart.inc.php or (2) extras/ext_cats.php.

8AI Score

0.144EPSS

2006-09-09 12:04 AM
31
cve
cve

CVE-2009-4979

Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) where[], (2) sort, (3) order, and (4) Match parameters.

8.8AI Score

0.002EPSS

2022-10-03 04:24 PM
18
cve
cve

CVE-2009-4980

Multiple cross-site scripting (XSS) vulnerabilities in Photokorn Gallery 1.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) where[] parameter to search.php and (2) qc parameter to admin.php.

5.9AI Score

0.001EPSS

2022-10-03 04:24 PM
22
cve
cve

CVE-2009-4981

Multiple cross-site request forgery (CSRF) vulnerabilities in Photokorn Gallery 1.81 allow remote attackers to hijack the authentication of administrators.

7.4AI Score

0.001EPSS

2022-10-03 04:24 PM
18