CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2025/08/08 6:10 p.m.•15 views

CVE-2012-10052

CVE-2012-10052 affects EGallery (version 1.2). The vulnerability is an unauthenticated arbitrary file upload in the uploadify.php script, where the app does not validate file types or require authentication, allowing remote attackers to upload PHP files into the web-accessible egallery/ directory...

9.3CVSS7.8AI score0.7245EPSS

Cvelist•added 2025/08/08 6:10 p.m.•7 views

CVE-2012-10052 EGallery 1.2 Arbitrary PHP File Upload

9.3CVSS0.7245EPSS

Vulnrichment•added 2025/08/08 6:10 p.m.•4 views

CVE-2012-10052 EGallery 1.2 Arbitrary PHP File Upload

9.3CVSS8.1AI score0.7245EPSS

CNNVD•added 2025/08/08 12:0 a.m.•1 views

EGallery 安全漏洞

EGallery is an online art gallery from EGallery Inc. in the United States. A security vulnerability exists in EGallery version 1.2, which stems from an uploadify.php script that does not validate file types or authentication, and could lead to arbitrary file uploads and remote code execution...

9.3CVSS7.9AI score0.7245EPSS

Exploits0References7

Positive Technologies•added 2025/08/08 12:0 a.m.•4 views

PT-2025-32405 · Gallery · Gallery

Name of the Vulnerable Software and Affected Versions: EGallery version 1.2 Description: EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application does not validate file types or enforce authentication, allowing remote...

9.3CVSS8.2AI score0.7245EPSS

Exploits0References7

seebug.org•added 2014/07/01 12:0 a.m.•15 views

MAXdev My eGallery Module 3.04 - For Xoops 'gid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28220/info MAXdev My eGallery module for Xoops is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

seebug.org•added 2014/07/01 12:0 a.m.•10 views

PHP-Nuke eGallery 3.0 Module - 'pid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28088/info The eGallery module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

Dsquare•added 2012/11/12 12:0 a.m.•131 views

EGallery 1.2 File Upload

File upload vulnerability in EGallery Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

Exploits0References1

myhack58•added 2012/07/28 12:0 a.m.•20 views

EGallery PHP file upload flaws and fixes-vulnerability warning-the black bar safety net

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 Msf::Exploit::Remo...

0.4AI score

Exploit DB•added 2012/07/23 12:0 a.m.•21 views

EGallery - Arbitrary '.PHP' File Upload (Metasploit)

7.4AI score

0day.today•added 2012/07/23 12:0 a.m.•18 views

EGallery PHP File Upload Vulnerability

Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Packet Storm•added 2012/07/23 12:0 a.m.•20 views

EGallery PHP File Upload Vulnerability

0.2AI score

Metasploit•added 2012/07/21 10:14 a.m.•18 views

EGallery PHP File Upload Vulnerability

This module exploits a vulnerability found in EGallery 1.2 By abusing the uploadify.php file, a malicious user can upload a file to the egallery/ directory without any authentication, which results in arbitrary code execution. The module has been tested successfully on Ubuntu 10.04. This module...

8AI score

0day.today•added 2012/07/16 12:0 a.m.•39 views

Egallery Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

exploitpack•added 2008/03/12 12:0 a.m.•21 views

MAXdev My eGallery Module 3.04 - For Xoops gid SQL Injection

MAXdev My eGallery Module 3.04 - For Xoops gid SQL Injection source: https://www.securityfocus.com/bid/28220/info MAXdev My eGallery module for Xoops is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...

0.2AI score

Exploit DB•added 2008/03/12 12:0 a.m.•17 views

MAXdev My eGallery Module 3.04 - For Xoops 'gid' SQL Injection

source: https://www.securityfocus.com/bid/28220/info MAXdev My eGallery module for Xoops is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.4AI score

exploitpack•added 2008/03/04 12:0 a.m.•12 views

PHP-Nuke eGallery 3.0 Module - pid SQL Injection

PHP-Nuke eGallery 3.0 Module - pid SQL Injection source: https://www.securityfocus.com/bid/28088/info The eGallery module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue cou...

0.5AI score