PT-2026-39505

Filterable Portfolio Gallery 1.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by entering payloads in the title field. Attackers can store JavaScript code like image tags with onerror handlers that execute when the gallery...

CVE-2026-4766 Easy Image Gallery <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Shortcode Post Meta

The Easy Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gallery shortcode post meta field in all versions up to, and including, 1.5.3. This is due to insufficient input sanitization and output escaping on user-supplied gallery shortcode values. This makes ...

PT-2026-27894

Name of the Vulnerable Software and Affected Versions Contest Gallery versions prior to 28.1.2.3 Description A flaw exists in Contest Gallery that allows for authentication bypass. This allows for authentication abuse by utilizing an alternate path or channel. Recommendations Update Contest Galle...

WordPress plugin Contest Gallery 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

EUVD-2026-14175

Vikunja is an open-source self-hosted task management platform. Starting in version 1.0.0-rc0 and prior to version 2.2.0, unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. Version...

CVE-2026-32418 WordPress Meow Gallery plugin <= 5.4.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jordy Meow Meow Gallery meow-gallery allows Blind SQL Injection.This issue affects Meow Gallery: from n/a through = 5.4.4...

CVE-2023-53939

CVE-2023-53939 concerns TinyWebGallery v2.5 with a stored cross-site scripting (XSS) flaw triggered via the folder name parameter in album folders. Authenticated users can insert script tags into folder names, which then execute arbitrary JavaScript when other users view affected gallery pages. T...

CVE-2025-34434

AVideo versions prior to 20.1 with the ImageGallery plugin enabled is vulnerable to unauthenticated file upload and deletion. Plugin endpoints responsible for managing gallery images fail to enforce authentication checks and do not validate ownership, allowing unauthenticated attackers to upload ...

CVE-2025-12966

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resolveimportdirectory function in versions 4.5.4 to 4.5.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload...

CVE-2025-62950

Cross-Site Request Forgery CSRF vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Cross Site Request Forgery.This issue affects Contest Gallery: from n/a through = 28.0.0...

CVE-2025-62910

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in deshine Video Gallery by Huzzaz huzzaz-video-gallery allows Stored XSS.This issue affects Video Gallery by Huzzaz: from n/a through = 10.5...

EUVD-2008-3648

Malware in sbrugna...

EUVD-2006-0594

Malware in sbrugna...

EUVD-2013-2191

Malware in sbrugna...

EUVD-2021-11441

Malware in sbrugna...

EUVD-2010-1052

Malware in sbrugna...

EUVD-2007-6649

Malware in sbrugna...

EUVD-2008-2714

Malware in sbrugna...

EUVD-2009-2910

Malware in sbrugna...

EUVD-2001-0883

Malware in sbrugna...