212 matches found
CVE-2007-4260
EZPhotoSales 1.9.3 and earlier has a default "admin" account for galleries, which allows remote attackers to access arbitrary galleries by specifying this username...
CVE-2007-4259
EZPhotoSales 1.9.3 and earlier allows remote attackers to download arbitrary image files via 1 a direct request for a URL under OnlineViewing/galleries/ or 2 navigation of the gallery user interface with JavaScript disabled...
CVE-2007-4262
Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/...
CVE-2006-2514
Coppermine galleries before 1.4.6, when running on Apache with modmime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions...
Code injection
Coppermine galleries before 1.4.6, when running on Apache with modmime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions...
CVE-2006-2514
Coppermine galleries before 1.4.6, when running on Apache with modmime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions...
CVE-2006-2514
CVE-2006-2514 affects Coppermine galleries prior to version 1.4.6 when run on Apache with the mod_mime module. The vulnerability allows remote attackers to upload arbitrary files by using a filename containing multiple extensions, enabling potential arbitrary file upload. The core issue is the ha...
Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images
The MG2 Image Gallery system has the ability to make create online galleries. Even password protected once. By manipulating url from a gallery, you are able to list out all pictures in every gallery. Even though they are inside a password protected folder. Sample manipulation could be:...
mg2-image.txt
The MG2 Image Gallery system has the ability to make create online galleries. Even password protected once. By manipulating url from a gallery, you are able to list out all pictures in every gallery. Even though they are inside a password protected folder. Sample manipulation could be:...
MG2 0.5.1 - Authentication Bypass
MG2 0.5.1 - Authentication Bypass source: https://www.securityfocus.com/bid/15235/info MG2 is affected by an authentication bypass vulnerability. This issue can allow remote attackers to gain access to password protected image galleries. All versions of MG2 are considered to be vulnerable at the...
MG2 0.5.1 - Authentication Bypass
source: https://www.securityfocus.com/bid/15235/info MG2 is affected by an authentication bypass vulnerability. This issue can allow remote attackers to gain access to password protected image galleries. All versions of MG2 are considered to be vulnerable at the moment. Minigal B13 is likely...
[NT] thePHOTOtool SQL Injection Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...