Imgallery Security Vulnerabilities and Issues — Imgallery CVE List

Lucene search

ImgalleryImgallery

3 matches found

CVE•added 2007/01/05 11:28 a.m.•39 views

CVE-2007-0082

users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts.

6.5CVSS7.1AI score0.02787EPSS

CVE•added 2006/06/22 10:6 p.m.•33 views

CVE-2006-3163

Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start or (2) sort parameters.

7.5CVSS8.4AI score0.00966EPSS

CVE•added 2008/05/19 1:20 p.m.•28 views

CVE-2008-2337

Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.php in, different vectors ...

7.5CVSS8.4AI score0.00966EPSS