Lucene search
K

92 matches found

Cvelist
Cvelist
added 2022/11/16 12:0 a.m.15 views

CVE-2021-38819

A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page...

9.2AI score0.00907EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/11/16 12:0 a.m.6 views

PT-2022-10780 · Unknown · Simple Image Gallery System

Name of the Vulnerable Software and Affected Versions: Simple Image Gallery System version 1.0 Description: A SQL injection issue exists in the application, specifically through the id parameter on the album page. Recommendations: For Simple Image Gallery System version 1.0, avoid using the id...

8.8CVSS8.8AI score0.00907EPSS
Exploits1References2
CVE
CVE
added 2022/11/16 12:0 a.m.110 views

CVE-2021-38819

CVE-2021-38819 affects the Simple Image Gallery System 1.0. A SQL injection exists via the “id” parameter on the album page, with CVSS v3.1 base score 8.8 (HIGH) and impacts to Confidentiality, Integrity, and Availability. Exploitation is listed as network-based with low attack complexity, requir...

8.8CVSS9AI score0.00907EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2021/12/14 4:15 p.m.3 views

CVE-2021-39313

The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the /simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6...

6.1CVSS5.8AI score0.00757EPSS
Exploits0References2
Prion
Prion
added 2021/12/14 4:15 p.m.14 views

Cross site scripting

The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the /simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6...

4.3CVSS6.1AI score0.00757EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/12/14 3:50 p.m.10 views

CVE-2021-39313 Simple Image Gallery <= 1.0.6 Reflected Cross-Site Scripting

The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the /simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6...

6.1CVSS6AI score0.00757EPSS
Exploits0References2
CVE
CVE
added 2021/12/14 3:50 p.m.50 views

CVE-2021-39313

CVE-2021-39313 affects the WordPress Simple Image Gallery plugin. The vulnerability is a Reflected Cross-Site Scripting flaw in the simple-image-gallery.php file, exploitable via the msg parameter and permits injection of arbitrary client-side scripts. The issue is present in versions up to and i...

6.1CVSS6AI score0.00757EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/14 3:50 p.m.18 views

CVE-2021-39313 Simple Image Gallery <= 1.0.6 Reflected Cross-Site Scripting

The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the /simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6...

6.1CVSS6.2AI score0.00757EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2021/12/14 12:0 a.m.17 views

Simple Image Gallery <= 1.0.6 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the /simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6...

6.1CVSS4.9AI score0.00757EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/12/14 12:0 a.m.4 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. simple Image Gallery plugin is a WordPress open source application plugin. the WordPress Simple Image Gallery plugin ha...

6.1CVSS5.7AI score0.00757EPSS
Exploits0References3
Patchstack
Patchstack
added 2021/12/13 12:0 a.m.20 views

WordPress Simple Image Gallery plugin <= 1.0.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress Simple Image Gallery plugin versions = 1.0.6. Solution Deactivate and delete. This plugin has been closed as of December 3, 2021 and is not available for download. This closure is temporary, pending a full review...

6.1CVSS2.7AI score0.00757EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/08/16 1:53 p.m.22 views

CVE-2021-38753

An unrestricted file upload on Simple Image Gallery Web App can be exploited to upload a web shell and executed to gain unauthorized access to the server hosting the web app...

9.8AI score0.0146EPSS
Exploits1References1
CVE
CVE
added 2021/08/16 1:53 p.m.55 views

CVE-2021-38753

The CVE-2021-38753 entry concerns Simple Image Gallery Web App, with an unrestricted file upload vulnerability that can be exploited to upload a web shell and execute it, potentially gaining unauthorized access to the hosting server. Multiple sources describe an access control/file-upload flaw en...

9.8CVSS9.6AI score0.0146EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/03/07 12:0 a.m.6 views

Kubik-Rubik Simple Image Gallery Extended Cross-Site Scripting Vulnerability in Joomla!

Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other features . Kubik-Rubik Simple Image Gallery Extended SIGE extension is to use one of the image management extension component. A cross-si...

6.1CVSS6.3AI score0.00675EPSS
Exploits1References1
OSV
OSV
added 2018/03/05 11:29 p.m.2 views

CVE-2018-7717

The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended SIGE extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in 3.3.1...

6.1CVSS5.8AI score0.00675EPSS
Exploits1References1
Prion
Prion
added 2018/03/05 11:29 p.m.22 views

Design/Logic Flaw

The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended SIGE extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in 3.3.1...

4.3CVSS5.8AI score0.00675EPSS
Exploits1References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2018/02/26 12:0 a.m.114 views

Kubik-Rubik Simple Image Gallery Extended (SIGE),3.2.3,XSS (Cross Site Scripting)

Kubik-Rubik Simple Image Gallery Extended SIGE, versions 3.2.3 and previous, XSS Cross Site Scripting resolution: update to 3.2.4 latest release is 3.3.0 update notice: https://joomla-extensions.kubik-rubik.de/sige-simple-image-gallery-extendedchangelog Note that the developer did not inform the ...

6.1CVSS0.5AI score0.02227EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2018/02/20 3:0 p.m.65 views

CVE-2017-16356

CVE-2017-16356 affects Kubik-Rubik Simple Image Gallery Extended (SIGE) for Joomla. The vulnerability is a reflected XSS in print.php that allows JavaScript injection via crafted parameters (caption; also name/img in older versions). Impact is execution of script in the victim’s browser. Affected...

6.1CVSS5.9AI score0.02227EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2018/02/20 3:0 p.m.30 views

CVE-2017-16356

Reflected XSS in Kubik-Rubik SIGE aka Simple Image Gallery Extended before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/pluginsige/print.php link with a crafted img, name, or caption parameter...

6AI score0.02227EPSS
Exploits5References2
Exploit DB
Exploit DB
added 2018/02/16 12:0 a.m.60 views

Joomla! Component Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3 - Cross-Site Scripting

Exploit Title: Joomla! Component SIGE version 3. Solution: Update to version 3.3.0 https://downloads.kubik-rubik.de/joomla-extensions/plgsigev3.3.0.zip...

6.1CVSS6.5AI score0.02227EPSS
Exploits5
Rows per page
Query Builder