Show filters
179 Total Results
Displaying 91-100 of 179
Sort by:
Attacker Value
Unknown

CVE-2018-14478

Disclosure Date: May 07, 2019 (last updated November 08, 2023)
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
0
0
Attacker Value
Unknown

CVE-2014-4612

Disclosure Date: March 16, 2018 (last updated November 08, 2023)
Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2015-2324

Disclosure Date: February 19, 2018 (last updated November 26, 2024)
Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2014-9312

Disclosure Date: August 28, 2017 (last updated November 26, 2024)
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
0
0
Attacker Value
Unknown

CVE-2017-12977

Disclosure Date: August 21, 2017 (last updated November 26, 2024)
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
0
0
Attacker Value
Unknown

CVE-2015-7386

Disclosure Date: September 28, 2015 (last updated October 05, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in includes/metaboxes.php in the Gallery - Photo Albums - Portfolio plugin 1.3.47 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) Media Title or (2) Media Subtitle fields.
0
0
Attacker Value
Unknown

CVE-2015-2983

Disclosure Date: August 22, 2015 (last updated October 05, 2023)
Cross-site request forgery (CSRF) vulnerability in admin.php in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote attackers to hijack the authentication of arbitrary users.
0
0
Attacker Value
Unknown

CVE-2015-2982

Disclosure Date: August 22, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified input to admin.php.
0
0
Attacker Value
Unknown

CVE-2015-6528

Disclosure Date: August 20, 2015 (last updated October 05, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Gallery (CPG) 1.5.36 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username, (2) admin_password, (3) admin_email, (4) dbserver, (5) dbname, (6) dbuser, (7) dbpass, (8) table_prefix, or (9) impath parameter.
0
0
Attacker Value
Unknown

CVE-2015-3923

Disclosure Date: June 10, 2015 (last updated October 05, 2023)
Coppermine Photo Gallery before 1.5.36 allows remote attackers to enumerate directories via a full path in the folder parameter to minibrowser.php.
0
0
View More Topics  < Previous  Next >