Lucene search
EncapsEncapsgallery2.0.2
2 matches found
CVE-2008-1988
Unrestricted file upload vulnerability in the file_upload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files by uploading a file with an executable extension, then accessing it via a direct request to the file ...
9CVSS6.8AI score0.00698EPSS
CVE-2008-1987
Cross-site scripting (XSS) vulnerability in search.php in EncapsGallery 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
4.3CVSS5.7AI score0.00285EPSS