13 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Easy Photo Gallery aka Ezphotogallery 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 galleryid parameter to gallery.php, and the 2 size or 3 imageid parameters to show.php...
CVE-2008-6990
The CVE-2008-6990 entry concerns Easy Photo Gallery (aka Ezphotogallery) 2.1, where a SQL injection flaw exists in gallery.php. The vulnerability allows remote attackers to inject and execute arbitrary SQL commands through the password parameter. This is based on multiple connected sources (NVD, ...
CVE-2008-6988
CVE-2008-6988 concerns Easy Photo Gallery (Ezphotogallery) 2.1 with multiple XSS vulnerabilities. The affected component is the web application’s dynamic pages, specifically gallery.php and show.php, where user-supplied parameters (galleryid on gallery.php; size or imageid on show.php) can be man...
Authentication flaw
useradmin.php in Easy Photo Gallery aka Ezphotogallery 2.1 does not require administrative authentication, which allows remote attackers to 1 add or 2 remove an Administrator account...
CVE-2008-4167
CVE-2008-4167 affects Easy Photo Gallery (Ezphotogallery) 2.1. The issue: useradmin.php does not require administrative authentication, allowing remote attackers to (1) add or (2) remove an Administrator account. The root cause, per the description, is a lack of authentication for admin account m...
ezphotogallery-admin.txt
---------------------------------------------------------------- Script : Ezphotogallery 2.1 Type : Vulnerabilities Add Admin user/Remove user Google Dork : "100% | 50% | 25%" "Back to gallery" inurl:"show.php?imageid=" ---------------------------------------------------------------- Discovered b...
Easy Photo Gallery 2.1 Arbitrary Add Admin / remove user Vulnerability
No description provided by source. ---------------------------------------------------------------- Script : Ezphotogallery 2.1 Type : Vulnerabilities Add Admin user/Remove user Google Dork : "100% | 50% | 25%" "Back to gallery" inurl:"show.php?imageid="...
Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================================== Easy Photo Gallery 2.1 XSS/FD/Bypass/SQL Injection Exploit ========================================================== !/usr/bin/perl...
Easy Photo Gallery 2.1 - Cross-Site Scripting / File Disclosure/Bypass / SQL Injection
!/usr/bin/perl ---------------------------------------------------------------- Script : Ezphotogallery 2.1 Type : Multiple Vulnerabilities Xss/Login Bypass/Sql injection Exploit/File Disclosure Method : GET Alert : High Google Dork : "100% | 50% | 25%" "Back to gallery" inurl:"show.php?imageid="...
Easy Photo Gallery 2.1 - Arbitrary Add Admin / remove user
---------------------------------------------------------------- Script : Ezphotogallery 2.1 Type : Vulnerabilities Add Admin user/Remove user Google Dork : "100% | 50% | 25%" "Back to gallery" inurl:"show.php?imageid=" ---------------------------------------------------------------- Discovered b...
Easy Photo Gallery 2.1 - Cross-Site Scripting File DisclosureBypass SQL Injection
Easy Photo Gallery 2.1 - Cross-Site Scripting File DisclosureBypass SQL Injection !/usr/bin/perl ---------------------------------------------------------------- Script : Ezphotogallery 2.1 Type : Multiple Vulnerabilities Xss/Login Bypass/Sql injection Exploit/File Disclosure Method : GET Alert :...
Easy Photo Gallery 2.1 Arbitrary Add Admin / remove user Vulnerability
Exploit for unknown platform in category web applications ====================================================================== Easy Photo Gallery 2.1 Arbitrary Add Admin / remove user Vulnerability ======================================================================...
Easy Photo Gallery 2.1 - Arbitrary Add Admin remove user
Easy Photo Gallery 2.1 - Arbitrary Add Admin remove user ---------------------------------------------------------------- Script : Ezphotogallery 2.1 Type : Vulnerabilities Add Admin user/Remove user Google Dork : "100% | 50% | 25%" "Back to gallery" inurl:"show.php?imageid="...