20 matches found
EUVD-2006-2859
Malware in sbrugna...
EUVD-2005-0806
Malware in sbrugna...
EUVD-2017-15683
Malware in sbrugna...
EUVD-2006-2909
Malware in sbrugna...
EUVD-2025-28734
Malicious code in bioql PyPI...
Art Gallery Management System changepropic.php File SQL Injection Vulnerability
Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter imageid in the file /admin/changepropic.php. An attacker...
CVE-2025-6411
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/changepropic.php. The manipulation of the argument imageid leads to sql injection. The attack can be launched...
PHPGurukul Art Gallery Management System 注入漏洞
Art Gallery Management System is an art gallery management system. Art Gallery Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter imageid in the file /admin/changepropic.php. An attacker...
PT-2024-39012 · WordPress · Wp Easy Gallery
Name of the Vulnerable Software and Affected Versions: The WP Easy Gallery – WordPress Gallery Plugin versions up to, and including, 4.8.5 Description: The issue allows authenticated attackers with subscriber-level access and above to perform SQL Injection via the edit imageId and edit imageDelet...
CVE-2023-51978
In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image" functionality of "imageid" parameter is vulnerable to SQL Injection...
CVE-2015-5072
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...
Code injection
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...
Sql injection
ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags action...
CVE-2017-9426
ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags action...
Piwigo Facetag Extension SQL Injection Vulnerability
Piwigo is a web-based photo album software from Piwigo team. The software supports photo publishing, management, multiple browsing categories, tags, time, etc. Facetag extension is one of the face tagging plugins. A SQL injection vulnerability exists in the ws.php file in version 0.0.3 of the...
Cisco Unity Connection Unauthorized Access Vulnerability
Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. Cisco Unity Connection has an unauthorized access vulnerability vulnerability in the ImageID parameter. The vulnerability stems from the HTTP POST parameter user input no...
Cisco Unity Connection ImageID Parameter Unauthorized Access Vulnerability
A vulnerability in the ImageID parameter of Cisco Unity Connection could allow an unauthenticated, remote attacker to access files in arbitrary locations on the filesystem of an affected device. The issue is due to improper sanitization of user-supplied input in HTTP POST parameters that describe...
CVE-2006-2912
Multiple SQL injection vulnerabilities in SelectaPix 1.31 allow remote attackers to execute arbitrary SQL commands via the 1 albumID parameter to a viewalbum.php or b index.php, 2 imageID parameter to c popup.php, or 3 username and 4 password parameters to d admin/member.php...
CVE-2006-2862
SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the imageid parameter...
CVE-2005-0805
The CVE-2005-0805 entry describes a SQL injection in Subdreamer Light’s index.php when magic_quotes_gpc is enabled. The vulnerability allows remote attackers to run arbitrary SQL via parameters treated as global variables, demonstrated via the imageid parameter that imagegallery.php fails to sani...