Show filters
200 Total Results
Displaying 131-140 of 200
Sort by:
Attacker Value
Unknown

CVE-2010-4693

Disclosure Date: January 11, 2011 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.
0
0
Attacker Value
Unknown

CVE-2009-4934

Disclosure Date: July 12, 2010 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.php in Online Photo Pro 2.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
0
0
Attacker Value
Unknown

CVE-2010-1461

Disclosure Date: April 16, 2010 (last updated October 04, 2023)
Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php.
0
0
Attacker Value
Unknown

CVE-2008-7186

Disclosure Date: September 09, 2009 (last updated October 04, 2023)
Coppermine Photo Gallery (CPG) 1.4.14 does not restrict access to update.php, which allows remote attackers to obtain sensitive information such as the database table prefix via a direct request. NOTE: this might be leveraged for attacks against CVE-2008-0504.
0
0
Attacker Value
Unknown

CVE-2008-7187

Disclosure Date: September 09, 2009 (last updated October 04, 2023)
Coppermine Photo Gallery (CPG) 1.4.14 allows remote attackers to obtain sensitive information via a direct request to include/slideshow.inc.php, which leaks the installation path in an error message.
0
0
Attacker Value
Unknown

CVE-2009-1616

Disclosure Date: May 11, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via the css parameter, a different vector than CVE-2008-0505.
0
0
Attacker Value
Unknown

CVE-2008-6648

Disclosure Date: April 07, 2009 (last updated October 04, 2023)
SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647.
0
0
Attacker Value
Unknown

CVE-2008-6649

Disclosure Date: April 07, 2009 (last updated October 04, 2023)
SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
0
0
Attacker Value
Unknown

CVE-2008-6647

Disclosure Date: April 07, 2009 (last updated October 04, 2023)
SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter.
0
0
Attacker Value
Unknown

CVE-2008-5641

Disclosure Date: December 17, 2008 (last updated October 04, 2023)
SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
0
0
View More Topics  < Previous  Next >