CVE-2019-16119

SQL injection in the photo-gallery 10Web Photo Gallery plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php albumid parameter...

CVE-2023-32669

Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users' albums. This vulnerability can be exploited by changing the album identification id...

ASUSTOR ADM SQL Injection Vulnerability

ASUSTOR ADM is an operating system from ASUSTOR dedicated to ASUSTOR NAS storage devices. photo gallery is one of the photo management applications. An SQL injection vulnerability exists in the 'albumid' and 'scope' parameters of the tree list function of the photo gallery application in ASUSTOR...

CVE-2018-11511

The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'albumid' or 'scope' parameter via a photo-gallery/api/album/treelists/ URI...

PT-2017-6114 · D Link +1 · D-Link Dns-320 +2

Name of the Vulnerable Software and Affected Versions: D-Link DNS-320L versions prior to 1.04b12 D-Link DNS-327L versions prior to 1.03b04 Build0119 Description: The issue allows remote attackers to obtain arbitrary photos and publish them to an arbitrary Facebook profile via a target album id an...

Opial 1.0 SQL Injection

Opial 1.0 albumid Remote SQL Injection Vuln Founder : ThE g0bL!N SQL Injection Vulnerability Exploit: http://www.path.com/albumdetail.php?albumid=-31+union//select//1,version,3,4,5,6,7,8,9,10,11,12,13,14,user,16-- Demo: ---- http://www.opial.com/demo/ Greeting : SuperCtistal My Master And all...