CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/15836/info EncapsGallery is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation coul...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•13 views

EncapsGallery 1.11.2 - catalog_watermark.php file Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28178/info EncapsGallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

7.1AI score

Exploits0

NVD•added 2008/04/27 9:5 p.m.•10 views

CVE-2008-1987

Cross-site scripting XSS vulnerability in search.php in EncapsGallery 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS5.7AI score0.01033EPSS

Exploits0References4

Prion•added 2008/04/27 9:5 p.m.•10 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in EncapsGallery 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS6.1AI score0.01033EPSS

Exploits0References4Affected Software1

Prion•added 2008/04/27 9:5 p.m.•10 views

Unrestricted file upload

Unrestricted file upload vulnerability in the fileupload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files by uploading a file with an executable extension, then accessing it via a direct request to the file...

9CVSS7.3AI score0.02585EPSS

Exploits0References3Affected Software1

Cvelist•added 2008/04/27 9:0 p.m.•14 views

CVE-2008-1987

Cross-site scripting XSS vulnerability in search.php in EncapsGallery 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.7AI score0.01033EPSS

Exploits0References4

CVE•added 2008/04/27 9:0 p.m.•33 views

CVE-2008-1987

CVE-2008-1987 affects EncapsGallery 2.0.2, via the search.php vulnerability where an attacker can inject arbitrary HTML/script through the search parameter (XSS). The provided sources confirm the vulnerable component and parameter vector but do not include explicit exploit details, impacted versi...

4.3CVSS5.7AI score0.01033EPSS

Exploits0References4Affected Software1

CVE•added 2008/04/27 9:0 p.m.•38 views

CVE-2008-1988

CVE-2008-1988 describes an unrestricted file upload in EncapsGallery 2.0.2. The flaw exists in the file_upload function of core/misc.class.php, allowing remote authenticated administrators to upload and execute arbitrary PHP files by using an executable extension, then accessing the file directly...

9CVSS6.8AI score0.02585EPSS

Exploits0References3Affected Software1

Prion•added 2008/03/12 5:44 p.m.•17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EncapsGallery 1.11.2 allow remote attackers to inject arbitrary web script or HTML via the file parameter to 1 watermark.php and 2 catalogwatermark.php in core/. NOTE: the provenance of this information is unknown; the details are obtained sole...

4.3CVSS6AI score0.01472EPSS

Exploits0References3Affected Software1

NVD•added 2008/03/12 5:44 p.m.•15 views

CVE-2008-1296

4.3CVSS5.7AI score0.01472EPSS

Exploits0References3

CVE•added 2008/03/12 5:0 p.m.•46 views

CVE-2008-1296

CVE-2008-1296 affects EncapsGallery 1.11.2, with XSS vulnerabilities exploitable via the file parameter to core/watermark.php and core/catalog_watermark.php. The description in the connected documents confirms remote script/HTML injection potential, leading to arbitrary-script execution in the co...

4.3CVSS5.7AI score0.01472EPSS

Exploits0References3Affected Software1

exploitpack•added 2008/03/10 12:0 a.m.•8 views

EncapsGallery 1.11.2 - catalog_watermark.php?file Cross-Site Scripting

EncapsGallery 1.11.2 - catalogwatermark.php?file Cross-Site Scripting source: https://www.securityfocus.com/bid/28178/info EncapsGallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

6.8AI score

Exploits0

exploitpack•added 2008/03/10 12:0 a.m.•14 views

EncapsGallery 1.11.2 - watermark.php?File Cross-Site Scripting

EncapsGallery 1.11.2 - watermark.php?File Cross-Site Scripting source: https://www.securityfocus.com/bid/28178/info EncapsGallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

6.8AI score

Exploits0

Exploit DB•added 2008/03/10 12:0 a.m.•17 views

EncapsGallery 1.11.2 - 'watermark.php?File' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28178/info EncapsGallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...

7.4AI score

Exploits0

Exploit DB•added 2008/03/10 12:0 a.m.•20 views

EncapsGallery 1.11.2 - 'catalog_watermark.php?file' Cross-Site Scripting

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by