9 matches found
EUVD-2015-9081
Malware in sbrugna...
WordPress Photocrati NextGEN Gallery Plugin File Upload Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Photocrati NextGEN Gallery plugin is one of the image management plugin. A security vulnerability exists in the...
CVE-2015-9229
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images1alttext parameter...
Information disclosure
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images1alttext parameter...
CVE-2015-9229
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images1alttext parameter...
Unrestricted file upload
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php...
CVE-2015-9228
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php...
CVE-2015-9228
CVE-2015-9228 affects WordPress Photocrati NextGEN Gallery plugin, version 2.1.10. The vulnerability allows unrestricted file upload via the name parameter when a file extension is changed from .jpg to .php, enabling potentially arbitrary PHP uploads. The NVD entry notes high-impact risk (Confide...
CVE-2015-9228
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php...