14 matches found
CVE-2024-25807
Cross Site Scripting (XSS) vulnerability in Lychee 3.1.6 allows remote attackers to execute arbitrary code and obtain sensitive information via the title parameter when creating an album...
CVE-2024-25807
Cross Site Scripting (XSS) vulnerability in Lychee 3.1.6 allows remote attackers to execute arbitrary code and obtain sensitive information via the title parameter when creating an album...
Lychee Security Vulnerability
Lychee is a beautiful and easy-to-use open-source photo management system from The Lychee Organisation. It is used to manage and share photos. A security vulnerability exists in Lychee version 3.1.6, which stems from a cross-site scripting (XSS) vulnerability. The vulnerability can be exploited by ...
CVE-2024-25807
Cross Site Scripting (XSS) vulnerability in Lychee 3.1.6 allows remote attackers to execute arbitrary code and obtain sensitive information via the title parameter when creating an album...
PT-2024-21140 · Lychee · Lychee
Name of the Vulnerable Software and Affected Versions: Lychee version 3.1.6. Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via the title parameter when creating an album. This is a Cross Site Scripting (XSS) issue. Recommendations: For Lych...
The vulnerability of the Video Station photo album creation application, related to deficiencies in the authentication process, allows unauthorized users to elevate their privileges.
The vulnerability of the Video Station photo album creation application is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to increase their privileges...
InselPhoto 1.1 Cross Site Scripting
Software: InselPhoto v1.1 Persistent XSS Vulnerability Discovered by: Paul Hand aka rAWjAW Blog: http://rawjaw-security.blogspot.com E-mail: phand3754gmailcom Shouts: rBg && eternalsecurity For this Persistent XSS to work you have to: 1. Create a user account 2. Create an album 3. Upload any...
InselPhoto 1.1 Persistent XSS Vulnerability
No description provided by source. Software: InselPhoto v1.1 Persistent XSS Vulnerability Discovered by: Paul Hand aka rAWjAW Blog: http://rawjaw-security.blogspot.com E-mail: phand3754atgmaildotcom Shouts: rBg && eternalsecurity For this Persistent XSS to work you have to: 1. Create a user accou...
Social Groupie (create_album.php) Remote File Upload Vulnerability
No description provided by source.
CVE-2007-6685
Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors...
CVE-2007-6685
CVE-2007-6685 affects the Publish XP module of Menalto Gallery prior to 2.2.4. The description states an unspecified vulnerability that lets an attacker create albums and upload files via unknown vectors. Remediation per connected sources is to upgrade to Gallery 2.2.4 or newer (e.g., Gallery 2.2...
FreeBSD : gallery2 -- multiple vulnerabilities (4aab7bcd-b294-11dc-a6f0-00a0cce0781e)
The Gallery team reports: Gallery 2.2.4 addresses the following security vulnerabilities: - Publish XP module - Fixed unauthorized album creation and file uploads. - URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink...
Fedora 8 : gallery2-2.2.4-1.fc8 (2007-4778)
Gallery 2.2.4 addresses the following security vulnerabilities: - Publish XP module - Fixed unauthorized album creation and file uploads. - URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink protection. - Core /...
gallery2 -- multiple vulnerabilities
The Gallery team reports: Gallery 2.2.4 addresses the following security vulnerabilities: Publish XP module - Fixed unauthorized album creation and file uploads. URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink...