| CVE-2024-30236 | Hig | 0.55 | 8.5 | 0.01 | | Mar 28, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 21.3.4. |
| CVE-2024-30238 | Hig | 0.55 | 8.5 | 0.01 | | Mar 27, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 21.3.2. |
| CVE-2024-32778 | Hig | 0.50 | 7.7 | 0.00 | | Jun 9, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 21.3.4. |
| CVE-2025-22693 | Hig | 0.49 | 7.6 | 0.00 | | Feb 3, 2025 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows SQL Injection.This issue affects Contest Gallery: from n/a through <= 25.1.0. |
| CVE-2024-39631 | Hig | 0.46 | 7.1 | 0.00 | | Aug 1, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 23.1.2. |
| CVE-2024-30428 | Hig | 0.46 | 7.1 | 0.00 | | Mar 29, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Reflected XSS.This issue affects Contest Gallery: from n/a through <= 24.0.3. |
| CVE-2024-56237 | Med | 0.38 | 5.9 | 0.00 | | Jan 2, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through <= 24.0.3. |
| CVE-2024-43283 | Med | 0.36 | 5.3 | 0.16 | | Aug 26, 2024 | Insertion of Sensitive Information Into Sent Data vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 23.1.2. |
| CVE-2024-24887 | Med | 0.35 | 5.4 | 0.00 | | Feb 12, 2024 | Cross-Site Request Forgery (CSRF) vulnerability in Contest Gallery Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress.This issue affects Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress: from n/a through 21.2.8.4. |
