Gallery@1.3.4 Security Vulnerabilities and Issues — Gallery@1.3.4 CVE List

Lucene search

Gallery ProjectGallery1.3.4

5 matches found

CVE•added 2006/01/21 12:3 a.m.•55 views

CVE-2006-0330

Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname).

4.3CVSS5.6AI score0.01345EPSS

CVE•added 2005/08/17 4:0 a.m.•47 views

CVE-2005-2596

User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries.

4.6CVSS6.5AI score0.0009EPSS

CVE•added 2003/08/27 4:0 a.m.•45 views

CVE-2003-0614

Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.

4.3CVSS5.7AI score0.06043EPSS

CVE•added 2006/02/08 1:2 a.m.•43 views

CVE-2006-0587

Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.

6.5CVSS6.6AI score0.02212EPSS

CVE•added 2006/04/11 10:2 a.m.•25 views

CVE-2006-1696

Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

4.3CVSS5.7AI score0.00527EPSS