3 matches found
CVE-2008-1296
CVE-2008-1296 affects EncapsGallery 1.11.2, with XSS vulnerabilities exploitable via the file parameter to core/watermark.php and core/catalog_watermark.php. The description in the connected documents confirms remote script/HTML injection potential, leading to arbitrary-script execution in the co...
CVE-2008-1988
CVE-2008-1988 describes an unrestricted file upload in EncapsGallery 2.0.2. The flaw exists in the file_upload function of core/misc.class.php, allowing remote authenticated administrators to upload and execute arbitrary PHP files by using an executable extension, then accessing the file directly...
CVE-2008-1987
CVE-2008-1987 affects EncapsGallery 2.0.2, via the search.php vulnerability where an attacker can inject arbitrary HTML/script through the search parameter (XSS). The provided sources confirm the vulnerable component and parameter vector but do not include explicit exploit details, impacted versi...