VYPR

My Photo Gallery

by My Photo Gallery

CVEs (5)

  • CVE-2026-2024HigFeb 14, 2026
    risk 0.49cvss 7.5epss 0.01

    The PhotoStack Gallery plugin for WordPress is vulnerable to SQL Injection via the 'postid' parameter in all versions up to, and including, 0.4.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes…

  • CVE-2024-37442LowJul 9, 2024
    risk 0.25cvss 3.8epss 0.00

    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Code Injection.This issue affects Photo Gallery by Ays: from n/a before 5.7.1.

  • CVE-2008-5641Dec 17, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

  • CVE-2005-3986Dec 4, 2005
    risk 0.03cvss epss 0.03

    Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter in portfolio.php and (2) cid parameter in content.php.

  • CVE-2003-1525Dec 31, 2003
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors.