Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026
CVE-2005-0219
CVE-2005-0219
Description
Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the index field in add_comment.php, (2) set_albumName, (3) slide_index, (4) slide_full, (5) slide_loop, (6) slide_pause, (7) slide_dir fields in slideshow_low.php, or (8) username field in search.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:gallery_project:gallery:1.3.4_pl1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gallery_project:gallery:1.3.4_pl1:*:*:*:*:*:*:*
- (no CPE)range: <= 1.3.4-pl1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.