17 matches found
EUVD-2008-2717
Malware in sbrugna...
EUVD-2010-1216
Malware in sbrugna...
EUVD-2003-0762
Malware in sbrugna...
EUVD-2024-51930
Malicious code in bioql PyPI...
EUVD-2025-13693
Malicious code in bioql PyPI...
EUVD-2024-42540
Malicious code in bioql PyPI...
CVE-2025-49451 WordPress Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery plugin <= 1.0.13 - Directory Traversal Vulnerability
Path Traversal: '.../...//' vulnerability in yannisraft Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery aeroscroll-gallery allows Path Traversal.This issue affects Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery: from n/a through...
PT-2025-25712 · Unknown · Aeroscroll Gallery
Name of the Vulnerable Software and Affected Versions: Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery versions 1.0.12 and earlier Description: The issue is a Path Traversal vulnerability that affects Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid...
PT-2025-20054 · Samsung · Samsung Gallery
Name of the Vulnerable Software and Affected Versions: Samsung Gallery versions prior to 14.5.10.3 in Global Android 13 Samsung Gallery versions prior to 14.5.09.3 in China Android 13 Samsung Gallery versions prior to 15.5.04.5 in Android 14 Description: The issue is related to improper input...
CVE-2025-0560 CampCodes School Management Software Photo Gallery Page photo-gallery cross site scripting
A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /photo-gallery of the component Photo Gallery Page. The manipulation of the argument Description leads to cross site scripting. It is possible t...
CVE-2021-24126
Unvalidated input and lack of output encoding in the Envira Gallery Lite WordPress plugin, versions before 1.8.3.3, did not properly sanitise the images metadata namely title before outputting them in the generated gallery, which could lead to privilege escalation...
CVE-2008-4129
Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload aka zip upload functionality...
Coppermine Photo Gallery bridge/coppermine.inc.php文件SQL注入漏洞
BUGTRAQ ID: 28767 Coppermine是用PHP编写的多用途集成Web图形库脚本。 Coppermine的coppermine.inc.php文件没有正确地过滤SQL查询中的某些输入,这允许远程攻击者通过操控SQL查询请求执行SQL注入攻击。 Coppermine Photo Gallery 1.4.17 Coppermine ---------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://downloads.sourceforge.net/coppermine/cpg1.4.18.zip...
Gallery < 1.4.4-p12 Unspecified HTML Injection
Binary data 2389.prm...
Gallery 1.4.3 and ealier user authentication bypass
A flaw exists in Gallery versions previous to 1.4.3-pl1 and post 1.2 which may give an attacker the potential to log in under the "admin" account. Data outside of the gallery is unaffected and the attacker cannot modify any data other than the photos or photo albums...
Apache::Gallery local webserver compromise, privilege escalation
Greetings, Apache::Gallery http://apachegallery.dk is a free and popular perl module that, in combination with modperl and Apache, provides a powerful and customizable web gallery of your photographs. A::G unfortunately misuse Inline::C to created shared libraries. From the Inline::C documentatio...
[SECURITY] [DSA-138-1] Remote execution exploit in gallery
Package : gallery Problem type : remote exploit Debian-specific: no A problem was found in gallery a web-based photo album toolkit: it was possible to pass in the GALLERYBASEDIR variable remotely. This made it possible to execute commands under the uid of web-server. This has been fixed in versio...