Lucene search
K

212 matches found

Cvelist
Cvelist
added 2007/08/08 11:0 p.m.25 views

CVE-2007-4260

EZPhotoSales 1.9.3 and earlier has a default "admin" account for galleries, which allows remote attackers to access arbitrary galleries by specifying this username...

6.9AI score0.01435EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/08/08 11:0 p.m.21 views

CVE-2007-4259

EZPhotoSales 1.9.3 and earlier allows remote attackers to download arbitrary image files via 1 a direct request for a URL under OnlineViewing/galleries/ or 2 navigation of the gallery user interface with JavaScript disabled...

6.8AI score0.01517EPSS
Exploits0References8
Cvelist
Cvelist
added 2007/08/08 11:0 p.m.21 views

CVE-2007-4262

Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/...

7.2AI score0.01778EPSS
Exploits0References7
NVD
NVD
added 2006/05/22 10:2 p.m.16 views

CVE-2006-2514

Coppermine galleries before 1.4.6, when running on Apache with modmime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions...

7.5CVSS6.8AI score0.01553EPSS
Exploits0References4
Prion
Prion
added 2006/05/22 10:2 p.m.16 views

Code injection

Coppermine galleries before 1.4.6, when running on Apache with modmime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions...

7.5CVSS7.3AI score0.01553EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/05/22 10:0 p.m.20 views

CVE-2006-2514

Coppermine galleries before 1.4.6, when running on Apache with modmime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions...

6.8AI score0.01553EPSS
Exploits0References4
CVE
CVE
added 2006/05/22 10:0 p.m.52 views

CVE-2006-2514

CVE-2006-2514 affects Coppermine galleries prior to version 1.4.6 when run on Apache with the mod_mime module. The vulnerability allows remote attackers to upload arbitrary files by using a filename containing multiple extensions, enabling potential arbitrary file upload. The core issue is the ha...

7.5CVSS6.8AI score0.01553EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2005/10/31 12:0 a.m.31 views

Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images

The MG2 Image Gallery system has the ability to make create online galleries. Even password protected once. By manipulating url from a gallery, you are able to list out all pictures in every gallery. Even though they are inside a password protected folder. Sample manipulation could be:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2005/10/31 12:0 a.m.29 views

mg2-image.txt

The MG2 Image Gallery system has the ability to make create online galleries. Even password protected once. By manipulating url from a gallery, you are able to list out all pictures in every gallery. Even though they are inside a password protected folder. Sample manipulation could be:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/10/29 12:0 a.m.11 views

MG2 0.5.1 - Authentication Bypass

MG2 0.5.1 - Authentication Bypass source: https://www.securityfocus.com/bid/15235/info MG2 is affected by an authentication bypass vulnerability. This issue can allow remote attackers to gain access to password protected image galleries. All versions of MG2 are considered to be vulnerable at the...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/10/29 12:0 a.m.22 views

MG2 0.5.1 - Authentication Bypass

source: https://www.securityfocus.com/bid/15235/info MG2 is affected by an authentication bypass vulnerability. This issue can allow remote attackers to gain access to password protected image galleries. All versions of MG2 are considered to be vulnerable at the moment. Minigal B13 is likely...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/03/15 12:0 a.m.34 views

[NT] thePHOTOtool SQL Injection Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

0.1AI score
Exploits0
Rows per page
Query Builder