Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/03 3:51 p.m.5 views

CVE-2026-25118

immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a user authenticates to a shared album. During the authentication process, the application transmits the album password within t...

6.3CVSS5.8AI score0.00449EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/04/03 3:51 p.m.4 views

EUVD-2026-18756

immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a user authenticates to a shared album. During the authentication process, the application transmits the album password within t...

6.3CVSS5.8AI score0.00449EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/12 6:37 p.m.27 views

CVE-2026-22784 Lychee cross-album password propagation on Album unlocking

Lychee is a free, open-source photo-management tool. Prior to 7.1.0, an authorization vulnerability exists in Lychee's album password unlock functionality that allows users to gain possibly unauthorized access to other users' password-protected albums. When a user unlocks a password-protected...

2.3CVSS0.00233EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2008/01/22 12:0 a.m.18 views

Coppermine Photo Gallery < 1.4.11 Album Password Cookie SQL Injection

Binary data 4351.prm...

7.5CVSS7.3AI score0.02126EPSS
Exploits0References3
Prion
Prion
added 2007/07/04 4:30 p.m.15 views

Sql injection

SQL injection vulnerability in Coppermine Photo Gallery CPG before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component...

7.5CVSS8.9AI score0.01016EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2007/07/04 4:30 p.m.18 views

CVE-2007-3558

SQL injection vulnerability in Coppermine Photo Gallery CPG before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component...

7.5CVSS8.6AI score0.01016EPSS
Exploits0References3
Rows per page
Query Builder