68 matches found
WordPress Mixed Media Gallery Blocks plugin <= 3.2.4.4 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin SimpLy Gallery versions <= 3.2.4.4...
glFusion 1.3.0 Blind SQL Injection
A critical blind SQL injection vulnerability exists in glFusion CMS version 1.3.0, affecting the Media Gallery search functionality. The vulnerability allows unauthenticated remote attackers to execute arbitrary SQL commands and potentially compromise the entire database. This issue is older...
EUVD-2021-22669
Malware in sbrugna...
EUVD-2005-1082
Malware in sbrugna...
EUVD-2007-2698
Malware in sbrugna...
RSJoomla! RSMediaGallery! SQL Injection Vulnerability
RSJoomla! RSMediaGallery! is an image management tool from RSJoomla! An SQL injection vulnerability exists in RSJoomla! RSMediaGallery! versions 1.7.4 through 2.1.6, which stems from unescaped user input resulting in SQL injection...
U.S. Dept Of Defense: CSRF Attack leads to delete album at
The CSRF vulnerability was discovered in the media gallery feature of the DoD asset www.████████. The vulnerability allowed an attacker to delete albums without CSRF verification, as the delete request was based on a GET request. This could have led to the deletion of users' albums...
WordPress WordPress Picture / Portfolio / Media Gallery Plugin <= 3.0.1 is vulnerable to Server Side Request Forgery (SSRF)
Software: WordPress Picture / Portfolio / Media Gallery; Type: Plugin; Vulnerable versions: <= 3.0.1; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: Server Side Request Forgery (SSRF); CVE: CVE-2024-5021; Patch priority: Low; CVSS severity: Low 7.2; PSID: 4f6e62e03ba9; Credits...
BIT-MAGENTO-2021-36036 Magento Commerce Media Gallery Upload Improper Access Control Could Lead To Remote Code Execution
Magento versions 2.4.2 and earlier, 2.4.2 and earlier and 2.3.7 and earlier are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privilege...
CVE-2024-26491
A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...
Cross site scripting
A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...
CVE-2024-26491
A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field...
flusity CMS Security Vulnerability
flusity CMS is a user interaction interface solution that can be easily changed or added to code. A security vulnerability exists in flusity CMS version v2.33, which originates from a cross-site request forgery (CSRF) vulnerability in component /cover/addons/infomediagallery/action/editaddonpost.ph...
CVE-2024-26491
CVE-2024-26491 affects flusity-CMS v2.33, specifically the Addon JD Flusity 'Media Gallery with description' module. The vulnerability is cross-site scripting (XSS) where a crafted payload injected into the Gallery name text field can lead to execution of arbitrary web scripts or HTML. The connec...
GHSA-WQR6-WV6C-P8FX Magento improper access control vulnerability within Magento's Media Gallery Upload workflow
Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privile...
Magento improper access control vulnerability within Magento's Media Gallery Upload workflow
Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privile...
CVE-2021-36036
Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privile...
CVE-2021-36036
Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privile...
Improper access control
Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privile...
CVE-2021-36036 Magento Commerce Media Gallery Upload Improper Access Control Could Lead To Remote Code Execution
Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privile...