EUVD-2005-0221

Malware in sbrugna...

Gallery 1.4.4 - Remote Server-Side Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10968/info A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the 'settimelimit' function...

Design/Logic Flaw

Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the 1 username, or the 2 password and password2 parameters in an edit action...

CVE-2005-0220

Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote attackers to inject arbitrary web script or HTML via the username field...

CVE-2005-0220

Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote attackers to inject arbitrary web script or HTML via the username field...

CVE-2005-0220

Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote attackers to inject arbitrary web script or HTML via the username field...

CVE-2005-0220

The CVE-2005-0220 entry concerns Gallery (affected: Gallery 1.4.4-pl2) with a cross-site scripting vulnerability in login.php where the username field is not properly sanitized. The underlying issue allows remote attackers to inject arbitrary script/HTML via the username parameter, enabling poten...

Gallery 1.4.4 - Remote Server-Side Script Execution

source: https://www.securityfocus.com/bid/10968/info A vulnerability is reported to exist in Gallery that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue is a design error that occurs due to the 'settimelimit' function. The issue presents itself becuase...