VYPR

Brilliant Gallery

by Drupal

CVEs (3)

  • CVE-2008-4531Oct 9, 2008
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338.

  • CVE-2008-4530Oct 9, 2008
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote authenticated users with permissions to inject arbitrary web script or HTML via unspecified vectors related to posting of answers.

  • CVE-2008-4338Sep 30, 2008
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in the brilliant_gallery_checklist_save function in the bgchecklist/save script in Brilliant Gallery 5.x and 6.x, a module for Drupal, allows remote authenticated users with "access brilliant_gallery" permissions to execute arbitrary SQL commands via…