28 matches found
CVE-2005-0219
CVE-2005-0219 : The connected sources describe multiple XSS vulnerabilities in Gallery 1.3.4-pl1, allowing remote attackers to inject arbitrary script/HTML via fields in add_comment.php (index), slideshow_low.php (set_albumName, slide_index, slide_full, slide_loop, slide_pause, slide_dir), and se...
CVE-2012-4919
The CVE-2012-4919 entry applies to the WordPress Gallery Plugin (Gallery Plugin for WordPress). The vulnerability is a Remote File Inclusion via the load parameter of the update_order.php script, caused by insufficient input validation. This allows an unauthenticated, remote attacker to include a...
CVE-2005-3251
CVE-2005-3251 is a directory traversal flaw in Gallery 2.0 (G2) where the g2_itemId parameter of main.php can be crafted by an attacker to read/include arbitrary files. Multiple OpenVAS/Nessus-derived feeds corroborate a read-access vulnerability affecting Gallery 2.x deployments, with the issue ...
CVE-2004-1106
CVE-2004-1106 affects Gallery up to version 1.4.4-pl3, with the vulnerability located in index.php include handling. The issue is a cross-site scripting (XSS) flaw that lets remote attackers provide specially formed URLs to inject arbitrary web script or HTML, via the include parameter, potential...
CVE-2003-1227
Technical details for CVE-2003-1227 are not provided in the supplied documents. Please monitor for updates from official advisories and vendor notices.
CVE-2002-1412
CVE-2002-1412 affects Gallery (Gallery project photo album) prior to 1.3.1. Affected component is the GALLERY_BASEDIR handling in the Gallery codebase. The underlying issue allows local and possibly remote attackers to execute arbitrary code by supplying a modified GALLERY_BASEDIR that points to ...
CVE-2004-0522
CVE-2004-0522 affects Gallery; multiple OpenVAS entries document a remote authentication bypass that lets an attacker gain administrator privileges. Vulnerable are Gallery versions up to 1.4.3 (and variants prior to 1.4.3-pl1 per Nessus notes) with a network-based attack surface (CVSS v2 base 10....
CVE-2004-2124
The CVE-2004-2124 entry describes a PHP remote file inclusion vulnerability in Gallery versions 1.3.1–1.4.1 caused by the register_globals simulation capability that lets an attacker modify HTTP_POST_VARS and trigger inclusion via the GALLERY_BASEDIR parameter. This is a distinct issue from CVE-2...
CVE-2006-0330
CVE-2006-0330 is an XSS vulnerability in the Gallery web application (gallery) affecting user registration fields (notably fullname). The issue is publicly documented across multiple advisories (Debian, Gentoo GLSA, OSS, etc.), with an explicit remediation path: upgrade Gallery to version 1.5.2 o...
CVE-2006-1127
CVE-2006-1127 describes a cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2. A remote attacker can inject arbitrary script/HTML through the X-Forwarded-For header when adding a comment to an album. Reported sources (e.g., Exploit-DB/Nessus entries) corroborate multiple Gallery 2 v...
CVE-2005-2596
CVE-2005-2596 concerns a programming error in the Gallery component used with Postnuke that allows any user with Admin privileges to access all galleries. Open-source advisories and Debian security notes describe a remote-attack surface stemming from a bug in the gallery code that grants full gal...
CVE-2006-1128
CVE-2006-1128 is a directory traversal vulnerability in Gallery 2 (up to 2.0.2) where the session value from a cookie is used to build file paths before sanitization, allowing remote attackers to access and delete files. Connected sources confirm the affected component is GallerySession.class and...
CVE-2005-0220
The CVE-2005-0220 entry concerns Gallery (affected: Gallery 1.4.4-pl2) with a cross-site scripting vulnerability in login.php where the username field is not properly sanitized. The underlying issue allows remote attackers to inject arbitrary script/HTML via the username parameter, enabling poten...
CVE-2005-2734
Gallery: XSS via EXIF data (CVE-2005-2734) affects Gallery 1.5.1-RC2 and earlier. An attacker can inject script/HTML through EXIF fields (e.g., Camera Model Tag). Debian/DSA-1148 and OpenVAS references indicate remote, pre-patch exposure; remediation is upgrading to fixed Gallery packages (e.g., ...
CVE-2003-0614
CVE-2003-0614 is a cross-site scripting (XSS) vulnerability in Gallery (web-based photo album) affecting Gallery 1.1 through 1.3.4. The vulnerability resides in search.php, where unsanitized input from the searchstring parameter can be exploited to inject arbitrary JavaScript into a victim’s brow...
CVE-2006-0587
Affected software. Gallery versions prior to 1.5.2-pl2. Vulnerability. An unspecified issue in util.php allows remote authenticated users to trick an owner into modifying stored album data and possibly execute arbitrary code via a crafted link to a crafted file. Impact. As described, potential ar...
CVE-2001-1234
CVE-2001-1234 affects Bharat Mediratta’s Gallery PHP script (versions before 1.2.1). A remote file inclusion flaw in the includedir parameter allows an attacker to include arbitrary remote files, enabling remote code execution with the web server’s privileges. The issue is documented by a Nessus ...
CVE-2002-2130
CVE-2002-2130 affects Gallery 1.3.2, specifically the publish_xp_docs.php module. The root cause is that the GALLERY_BASEDIR parameter can be modified to reference a URL on a remote web server that contains code, allowing remote attackers to execute arbitrary PHP code. Impact is described as remo...
CVE-2006-1219
Vulnerability summary (CVE-2006-1219) : A directory traversal / local file inclusion flaw affects Gallery 2.0.3 and earlier, and 2.1 before RC-2a. The issue allows an attacker to cause the application to include arbitrary PHP files via dot-dot sequences in the stepOrder parameter sent to (1) upgr...
CVE-2002-2123
The CVE-2002-2123 entry concerns Gallery 1.3.2’s publish_xp_docs.php PHP remote file inclusion vulnerability. An attacker can specify a URL to an init.php in the GALLERY_BASEDIR parameter, enabling arbitrary PHP code execution on the affected system. The affected software/function is publish_xp_d...
CVE-2005-0222
The CVE-2005-0222 entry concerns Gallery 2.0 Alpha where main.php exposes sensitive path information via the g2_subView parameter, enabling remote information disclosure. The underlying issue is a lack of proper validation/error handling that reveals the file path in an error message when g2_subV...
CVE-2006-4030
CVE-2006-4030 affects Gallery (1.5.1-RC2 and earlier) where missing input sanitising in the stats module allows information disclosure. OpenVAS Debian DSAs confirm the issue as one of several remote vulnerabilities; the CVSS base score is 5.0 (Partial confidentiality impact, network access, no au...
CVE-2005-4023
The Gallery 2.0 ZipCart module contains an unspecified vulnerability in versions before 2.0.2 that allows an unauthenticated, remote attacker to read arbitrary files, subject to web server user privileges. Exploitation requires the ZipCart module to be installed and active; the vectors are not di...
CVE-2004-1466
CVE-2004-1466 affects Gallery. Vulnerable in the upload handling where save_photos.php stores uploads in a temporary directory; if that directory is under the webroot, a remote attacker could upload a PHP file and, within a 30‑second window before deletion, execute arbitrary code. The issue is tr...
CVE-2005-0221
Affected software: Gallery 2.0 Alpha (Gallery login.php). Vulnerability: Cross-site scripting (XSS) via g2_form[subject]. Root cause: user-supplied input in login form is not properly sanitized, allowing injection of arbitrary HTML/script. Impact: remote attacker could exploit to run script in a ...
CVE-2006-1126
Gallery 2 up to 2.0.2 has an IP-spoofing flaw where a remote attacker can spoof X-Forwarded-For, which is trusted over REMOTE_ADDR. Affected: Gallery 2.x prior to 2.0.3. Root cause: server uses X_FORWARDED_FOR in IP checks. Impact: potential partial confidentiality/integrity exposure; possible fo...
CVE-2005-4021
CVE-2005-4021 affects Gallery 2.0 before 2.0.2. The install log is stored under the web document root with insufficient access control, enabling a remote attacker to retrieve sensitive information via a simple GET request. Nessus plugin NASL-21019 corroborates that the installation data directory...
CVE-2006-1696
Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 is reported. The issue allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. Affected product: Gallery (phased before 1.5.3). CVSS v2 base score 4.3 (Medium) with Network attack vector, low to me...