213 matches found
Gentoo Security Advisory GLSA 200402-04 (Gallery)
The remote host is missing updates announced in advisory GLSA 200402-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD Ports: gallery
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2008-2124
CVE-2008-2124 describes an SQL injection in modules/print.asp of fipsASP fipsCMS, exploitable via the lg parameter. The underlying flaw is improper handling of user input that enables arbitrary SQL execution. The CVSS v2 vector indicates a NETWORK attack vector, LOW complexity, no authentication,...
CVE-2007-2124
Technical details about CVE-2007-2124 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2006-2124
CVE-2006-2124 affects SunShop 3.5 and earlier. Multiple XSS vulnerabilities in index.php allow injection of arbitrary script/HTML via the parameters: prevaction, previd, prevstart, itemid, id, and action. Impact is Web page/script injection; exact exploit details and remediation are not provided ...
WMF and EMF Files (CVE-2005-2123; CVE-2005-2124; CVE-2005-4560; CVE-2006-0020)
...
Microsoft Security Bulletin MS05-053 Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
Microsoft Security Bulletin MS05-053 Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution 896424 Published: November 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity...
CVE-2002-2124
The CVE-2002-2124 entry concerns nylon 0.2. The vulnerability arises in the recvn and sendn functions which do not handle a recv() returning 0, allowing a remote attacker to trigger a denial of service (infinite loop and high CPU usage) by closing the connection during recv. The connected records...
FreeBSD : gallery -- remote code injection via HTTP_POST_VARS (12b1a62d-6056-4d90-9e21-45fcde6abae4)
A web server running Gallery can be exploited for arbitrary PHP code execution through the use of a maliciously crafted URL. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...
CVE-2004-2124
The registerglobals simulation capability in Gallery 1.3.1 through 1.4.1 allows remote attackers to modify the HTTPPOSTVARS variable and conduct a PHP remote file inclusion attack via the GALLERYBASEDIR parameter, a different vulnerability than CVE-2002-1412...
CVE-2004-2124
The registerglobals simulation capability in Gallery 1.3.1 through 1.4.1 allows remote attackers to modify the HTTPPOSTVARS variable and conduct a PHP remote file inclusion attack via the GALLERYBASEDIR parameter, a different vulnerability than CVE-2002-1412...
CVE-2023-34255
CVE-2023-34255 is rejected/not used and does not represent an active vulnerability entry.
MS:CCCADB94-2124-4F70-9D94-A139E2DC0BE9
...