6 matches found
CVE-2026-25118
immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a user authenticates to a shared album. During the authentication process, the application transmits the album password within t...
EUVD-2026-18756
immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a user authenticates to a shared album. During the authentication process, the application transmits the album password within t...
CVE-2026-22784 Lychee cross-album password propagation on Album unlocking
Lychee is a free, open-source photo-management tool. Prior to 7.1.0, an authorization vulnerability exists in Lychee's album password unlock functionality that allows users to gain possibly unauthorized access to other users' password-protected albums. When a user unlocks a password-protected...
Coppermine Photo Gallery < 1.4.11 Album Password Cookie SQL Injection
Binary data 4351.prm...
Sql injection
SQL injection vulnerability in Coppermine Photo Gallery CPG before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component...
CVE-2007-3558
SQL injection vulnerability in Coppermine Photo Gallery CPG before 1.4.11 allows remote attackers to execute arbitrary SQL commands via an album password cookie to an unspecified component...