Lucene search
+L

56 matches found

CVE
CVE
added 2024/03/01 6:47 a.m.94 views

CVE-2024-1859

CVE-2024-1859 refers to the Slider Responsive Slideshow – Image slider, Gallery slideshow WordPress plugin. The vulnerability is a PHP Object Injection in versions up to and including 1.3.8, triggered by deserialization of untrusted input in the awl_slider_responsive_shortcode function. With cont...

8.8CVSS9AI score0.00823EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/09/29 12:0 a.m.5 views

WordPress Plugin Photo Gallery Slideshow & Masonry Tiled Gallery Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

7.1CVSS6AI score0.00309EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/09 12:0 a.m.10 views

PT-2023-19363 · WordPress · The Photo Gallery Slideshow & Masonry Tiled Gallery

Name of the Vulnerable Software and Affected Versions: The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress versions up to, and including, 1.0.13 Description: The issue arises from insufficient input sanitization and output escaping, making it possible for unauthenticated...

6.1CVSS6.7AI score0.00433EPSS
Exploits0References4
OSV
OSV
added 2017/09/14 1:29 p.m.7 views

CVE-2017-1002013

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/adminsetting.php...

9.8CVSS5.8AI score0.02907EPSS
Exploits1References2
OSV
OSV
added 2017/09/14 1:29 p.m.5 views

CVE-2017-1002014

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/adminsetting.php via galleryname parameter...

9.8CVSS5.8AI score0.02907EPSS
Exploits1References2
Cvelist
Cvelist
added 2017/09/14 1:0 p.m.32 views

CVE-2017-1002014

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/adminsetting.php via galleryname parameter...

9.9AI score0.02907EPSS
Exploits1References2
NVD
NVD
added 2014/10/21 2:55 p.m.17 views

CVE-2014-8375

SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...

6.5CVSS8.4AI score0.0323EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2014/10/21 2:55 p.m.1 views

CVE-2014-8375

SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...

6.5CVSS6.4AI score0.0323EPSS
Exploits1References4
Prion
Prion
added 2014/10/21 2:55 p.m.16 views

Sql injection

SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...

6.5CVSS9.1AI score0.0323EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2014/10/21 2:0 p.m.28 views

CVE-2014-8375

SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...

8.4AI score0.0323EPSS
Exploits1References3
CVE
CVE
added 2014/10/21 2:0 p.m.45 views

CVE-2014-8375

GB Gallery Slideshow WordPress plugin 1.5 contains a SQL injection vulnerability in GBgallery.php. The issue is exploitable via the selected_group parameter in the gb_ajax_get_group action called through wp-admin/admin-ajax.php, allowing remote attackers (with appropriate privileges) to execute a...

6.5CVSS8.7AI score0.0323EPSS
Exploits1References3Affected Software1
Exploit DB
Exploit DB
added 2014/08/11 12:0 a.m.43 views

WordPress Plugin GB Gallery Slideshow - '/wp-admin/admin-ajax.php' SQL Injection

source: https://www.securityfocus.com/bid/69181/info The GB Gallery Slideshow plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/08/11 12:0 a.m.35 views

WordPress GB Gallery Slideshow 1.5 SQL Injection

Exploit Title : Wordpress GB Gallery Slideshow 1.5 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://gb-plugins.com/ Software Link : http://downloads.wordpress.org/plugin/gb-gallery-slideshow.1.5.zip Date : 2014-08-09 Tested on : Linux / sqlmap 1.0-dev-5b2ded0...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2014/08/11 12:0 a.m.14 views

WordPress Plugin GB Gallery Slideshow - wp-adminadmin-ajax.php SQL Injection

WordPress Plugin GB Gallery Slideshow - wp-adminadmin-ajax.php SQL Injection source: https://www.securityfocus.com/bid/69181/info The GB Gallery Slideshow plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it i...

0.2AI score
Exploits0
WPVulnDB
WPVulnDB
added 2014/08/01 12:0 a.m.8 views

ZooEffect 1.08 - HTTP Referer Reflected XSS

Description The ZooEffect Plugin for Video player, Photo Gallery Slideshow jQuery and audio / music / podcast – HTML5 WordPress plugin was affected by a HTTP Referer Reflected XSS security vulnerability...

6.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/01/17 2:0 a.m.24 views

CVE-2007-6691

Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to 1 "hotlink protection" in the URL rewrite module, 2 a WebDAV view in the WebDAV module, 3 a comment view in the Comment module, 4 unspecified "item information disclosure attacks" in the Core modu...

10CVSS5.9AI score0.02162EPSS
Exploits0References1
Rows per page
Query Builder