3 matches found
CVE-2021-38819
CVE-2021-38819 affects the Simple Image Gallery System 1.0. A SQL injection exists via the “id” parameter on the album page, with CVSS v3.1 base score 8.8 (HIGH) and impacts to Confidentiality, Integrity, and Availability. Exploitation is listed as network-based with low attack complexity, requir...
CVE-2021-38753
The CVE-2021-38753 entry concerns Simple Image Gallery Web App, with an unrestricted file upload vulnerability that can be exploited to upload a web shell and execute it, potentially gaining unauthorized access to the hosting server. Multiple sources describe an access control/file-upload flaw en...
CVE-2023-27040
CVE-2023-27040 affects Simple Image Gallery v1.0, with a remote code execution (RCE) vulnerability exploitable via the username parameter. Connected sources confirm the issue leads to high-impact outcomes (CONFIDENTIALITY, INTEGRITY, AVAILABILITY all at HIGH) and indicate network-level access wit...