Lucene search
K

42 matches found

Cvelist
Cvelist
added 2023/03/01 1:2 p.m.29 views

CVE-2022-38468 WordPress NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin = 3.28 leading to thumbnail alteration...

4.3CVSS5AI score0.00229EPSS
Exploits0References1
CVE
CVE
added 2023/03/01 1:2 p.m.71 views

CVE-2022-38468

CVE-2022-38468 : A CSRF vulnerability in the Imagely WordPress Gallery Plugin – NextGEN Gallery (versions

4.3CVSS5AI score0.00229EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/01 12:0 a.m.5 views

PT-2023-13608 · Imagely · Imagely Wordpress Gallery Plugin - Nextgen Gallery

Name of the Vulnerable Software and Affected Versions: Imagely WordPress Gallery Plugin - NextGEN Gallery versions prior to 3.29 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability, which can lead to thumbnail alteration. Recommendations: For versions prior to 3.2...

4.3CVSS5.5AI score0.00229EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2020/01/31 9:54 a.m.145 views

Exploit for SQL Injection in Imagely Nextgen_Gallery

CVE-2019-14314 CVE-2019-14314 - NextGEN Gallery 3.2.10 Authent...

9.8CVSS9.8AI score0.43353EPSS
Exploits1
CNVD
CNVD
added 2019/08/29 12:0 a.m.5 views

WordPress Imagely NextGEN Gallery Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Imagely NextGEN Gallery is an image gallery plugin used in it. A SQL injection vulnerability exists in WordPress Imagely NextGEN Galler...

9.8CVSS8.4AI score0.43353EPSS
Exploits1References1
NVD
NVD
added 2019/08/27 4:15 p.m.43 views

CVE-2019-14314

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...

9.8CVSS9.9AI score0.43353EPSS
Exploits1References3
OSV
OSV
added 2019/08/27 4:15 p.m.2 views

CVE-2019-14314

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...

9.8CVSS7.6AI score0.43353EPSS
Exploits1References3
Prion
Prion
added 2019/08/27 4:15 p.m.32 views

Sql injection

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...

7.5CVSS9.8AI score0.43353EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/08/27 3:58 p.m.42 views

CVE-2019-14314

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...

9.9AI score0.43353EPSS
Exploits1References3
CVE
CVE
added 2019/08/27 3:58 p.m.242 views

CVE-2019-14314

The CVE-2019-14314 issue affects the Imagely NextGEN Gallery WordPress plugin prior to 3.2.11. The root cause is a SQL injection in modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php, allowing a remote attacker to execute arbitrary SQL commands and potentially compromise d...

9.8CVSS9.9AI score0.43353EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2019/08/27 12:0 a.m.22 views

CVE-2019-14314

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via...

9.8CVSS3.3AI score0.43353EPSS
Exploits1References4
OSV
OSV
added 2018/07/13 8:29 p.m.3 views

CVE-2016-6565

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...

7.5CVSS6.1AI score
Exploits0References2
NVD
NVD
added 2018/07/13 8:29 p.m.15 views

CVE-2016-6565

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...

7.5CVSS7.7AI score0.02538EPSS
Exploits0References2
Prion
Prion
added 2018/07/13 8:29 p.m.11 views

Code injection

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...

6CVSS7.7AI score0.02538EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/07/13 8:0 p.m.59 views

CVE-2016-6565

The CVE-2016-6565 issue affects the WordPress Imagely NextGEN Gallery plugin prior to version 2.1.57. The vulnerability arises from improper validation of the cssfile parameter in an HTTP POST request, which can allow an authenticated user to read arbitrary files on the server or, in some server ...

7.5CVSS7.6AI score0.02538EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/07/13 8:0 p.m.18 views

CVE-2016-6565 The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 may execute code from an uploaded malicious file

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some...

7.9AI score0.02538EPSS
Exploits0References2
CNVD
CNVD
added 2018/05/17 12:0 a.m.4 views

WordPress Imagely NextGEN Gallery Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Imagely NextGen Gallery is one of the gallery management systems. A cross-site scripting vulnerability exists in Image Alt &...

4.8CVSS6.3AI score0.00584EPSS
Exploits0References1
NVD
NVD
added 2018/04/30 10:29 p.m.11 views

CVE-2018-1000172

Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting XSS vulnerability in Image Alt & Title Text. This attack appears to be exploitable via a victim viewing the image in the administrator page. This vulnerability appears to have been fixed in 2.2.45...

4.8CVSS5AI score0.00584EPSS
Exploits0References2
Prion
Prion
added 2018/04/30 10:29 p.m.15 views

Cross site scripting

Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting XSS vulnerability in Image Alt & Title Text. This attack appears to be exploitable via a victim viewing the image in the administrator page. This vulnerability appears to have been fixed in 2.2.45...

3.5CVSS5AI score0.00584EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/04/30 10:0 p.m.44 views

CVE-2018-1000172

Imagely NextGEN Gallery (WordPress plugin) ≤ 2.2.44 contains a Cross-Site Scripting (XSS) in Image Alt & Title Text. The issue could be triggered when a user views an image on an administrator page, with the root cause stemming from improper validation of user-submitted data in the alt/title attr...

4.8CVSS4.9AI score0.00584EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder