Gallery Project CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (29 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2005-2596	1 Gallery Project	1 Gallery	2025-04-03	N/A
User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries.
CVE-2005-2734	1 Gallery Project	1 Gallery	2025-04-03	N/A
Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
CVE-2004-0522	2 Debian, Gallery Project	2 Debian Linux, Gallery	2025-04-03	N/A
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
CVE-2005-4022	1 Gallery Project	1 Gallery	2025-04-03	N/A
Cross-site scripting (XSS) vulnerability in the "Add Image From Web" feature in Gallery 2.0 before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
CVE-2006-4030	1 Gallery Project	1 Gallery	2025-04-03	N/A
Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs."
CVE-2002-2123	1 Gallery Project	1 Gallery	2025-04-03	N/A
PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter.
CVE-2003-0614	1 Gallery Project	1 Gallery	2025-04-03	N/A
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
CVE-2006-0587	1 Gallery Project	1 Gallery	2025-04-03	N/A
Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.
CVE-2012-4919	1 Gallery Project	1 Gallery	2024-11-21	9.8 Critical
Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability

« first previous Page 2 of 2.