
40 matches found

OSSF Malicious Packages
added 2026/03/18 1:4 p.m., 2 views

Malicious code in proleis-web-gallery (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9085cc1fa561c63217713c781ed745f8e6d4c34e5997413299b06aa2d6047dc1 The package proleis-web-gallery was found to contain malicious code...

5.8 AI score
Exploits: 0

OSV
added 2026/03/18 1:4 p.m., 1 view

MAL-2026-1827 Malicious code in proleis-web-gallery (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9085cc1fa561c63217713c781ed745f8e6d4c34e5997413299b06aa2d6047dc1 The package proleis-web-gallery was found to contain malicious code...

5.8 AI score
Exploits: 0

RedhatCVE
added 2025/12/18 11:36 p.m., 2 views

CVE-2023-53922

TinyWebGallery v2.5 contains a remote code execution vulnerability in the admin upload functionality that allows unauthenticated attackers to upload malicious PHP files. Attackers can upload .phar files with embedded system commands to execute arbitrary code on the server by accessing the uploade...

9.8 CVSS, 9.1 AI score, 0.02754 EPSS
Exploits: 1, References: 1

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2010-2157

Malware in sbrugna...

7.5 CVSS, 6.4 AI score, 0.00341 EPSS
Exploits: 1, References: 5

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2008-2810

Malware in sbrugna...

7.5 CVSS, 6.4 AI score, 0.00462 EPSS
Exploits: 1, References: 4

RedhatCVE
added 2025/05/23 7:16 a.m., 4 views

CVE-2024-53276

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, an open CORS policy in app.js may allow an attacker to view the images of home-gallery when it is using the default settings. The following express middleware allows any website ...

6.3 CVSS, 6.2 AI score, 0.00093 EPSS
Exploits: 0, References: 1

NVD
added 2024/12/23 6:15 p.m., 11 views

CVE-2024-53276

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, an open CORS policy in app.js may allow an attacker to view the images of home-gallery when it is using the default settings. The following express middleware allows any website ...

6.3 CVSS, 0.00093 EPSS
Exploits: 0, References: 2

CVE
added 2024/12/23 5:13 p.m., 47 views

CVE-2024-53276

CVE-2024-53276 — Home-Gallery.org : Affects Home-Gallery.org versions 1.15.0 and earlier. The issue is an open CORS policy in app.js that allows any external site to make cross-origin requests, enabling attackers to read endpoints and potentially view preview images. The vulnerability stems from ...

6.3 CVSS, 5.9 AI score, 0.00093 EPSS
Exploits: 0, References: 2

Cvelist
added 2024/12/23 5:13 p.m., 14 views

CVE-2024-53275 GHSL-2024-091: DNS rebinding attack in home-gallery

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...

5.3 CVSS, 0.00055 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2024/12/23 5:13 p.m., 8 views

CVE-2024-53275 GHSL-2024-091: DNS rebinding attack in home-gallery

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...

5.3 CVSS, 7.3 AI score, 0.00055 EPSS
Exploits: 0, References: 1

CNVD
added 2020/01/20 12:0 a.m., 2 views

Piwigo Cross-Site Scripting Vulnerability (CNVD-2020-03256)

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A cross-site scripting vulnerability exists in Piwigo. The vulnerability stems from the lack of proper validation of client-side data ...

6.1 CVSS, 6.4 AI score, 0.00427 EPSS
Exploits: 0, References: 1

Packet Storm
added 2015/08/12 12:0 a.m., 24 views

Coppermine Photo Gallery 1.5.36 Cross Site Scripting

Exploit Title: Coppermine Photo Gallery 1.5.36 Cross Site Scripting + Exploit Author: Ehsan Hosseini + Date: 27/7/2015 + Vendor Homepage: http://coppermine-gallery.net/ + Software Link: http://sourceforge.net/projects/coppermine/files/Coppermine/1.5.x/cpg1.5.36.zip/download + Version: 1.5.36 +...

7.4 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 14 views

Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19462/info Tiny Web Gallery is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 87 views

NiTrO Web Gallery <= 1.4.3 (section) Remote SQL Injection Vulnerability

Viva IslaM Viva IslaM Remote SQL Injection Vulnerability NiTrO Web Gallery V1.3 - V1.4- V1.41 - 1.42 - V1.43 albums.php section AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM Email : [email protected] !! SYRIAN HaCkErS !! Script : NiTrO Web Gallery Versions : V1.3 - V1.4- V1.41 - V1.42 - V1.43 Site :...

7.1 AI score
Exploits: 0

exploitpack
added 2013/09/26 12:0 a.m., 14 views

Piwigo 2.5.2 - Cross-Site Scripting

Piwigo 2.5.2 - Cross-Site Scripting Exploit Title: Piwigo 2.5.2 Add create a new album Follow this link : http://localhost/piwigo/admin.php?page=photosadd 3 Insert A photo In Your Album And Save It. 4 And Go To Photo Edit; Follow This Way : Photos Batch Manager single mode...

6.8 AI score
Exploits: 0

Packet Storm
added 2013/02/18 12:0 a.m., 20 views

Piwigo 2.4.6 Arbitrary File Read / Delete

Piwigo 2.4.6 install.php Remote Arbitrary File Read/Delete Vulnerability Vendor: Piwigo project Product web page: http://www.piwigo.org Affected version: 2.4.6 Summary: Piwigo is a photo gallery software for the web that comes with powerful features to publish and manage your collection of...

0.6 AI score
Exploits: 0

NVD
added 2010/06/02 7:30 p.m., 8 views

CVE-2010-2141

SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action...

7.5 CVSS, 8.3 AI score, 0.00341 EPSS
Exploits: 1, References: 4

Prion
added 2010/06/02 7:30 p.m., 9 views

Sql injection

SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action...

7.5 CVSS, 9.1 AI score, 0.00341 EPSS
Exploits: 1, References: 4, Affected Software: 1

Cvelist
added 2010/06/02 7:0 p.m., 12 views

CVE-2010-2141

SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action...

8.3 AI score, 0.00341 EPSS
Exploits: 1, References: 4

CVE
added 2010/06/02 7:0 p.m., 42 views

CVE-2010-2141

CVE-2010-2141 affects the NITRO Web Gallery. The vulnerability is an SQL injection in index.php, exploitable via the PictureId parameter in an open action, allowing remote attackers to run arbitrary SQL commands. The issue is documented across multiple sources (NVD/NVD mirrors, CVE records, and a...

7.5 CVSS, 8.7 AI score, 0.00341 EPSS
Exploits: 1, References: 4, Affected Software: 1