VYPR

Gallery

by Invision Power Services

CVEs (26)

  • CVE-2019-20559Mar 24, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery allows viewing of photos on the lock screen. The Samsung ID is SVE-2019-15055 (October 2019).

  • CVE-2019-20555Mar 24, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x) software. The Gallery app allows attackers to view all pictures of a locked device. The Samsung ID is SVE-2019-15189 (October 2019).

  • CVE-2020-10853Mar 24, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery leaks cached data. The Samsung IDs are SVE-2019-16010, SVE-2019-16011, SVE-2019-16012 (January 2020).

  • CVE-2006-6370Dec 7, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in forum/modules/gallery/post.php in Invision Gallery 2.0.7 allows remote attackers to cause a denial of service and possibly have other impacts, as demonstrated using a "SELECT BENCHMARK" statement in the img parameter in a doaddcomment operation in…

  • CVE-2006-2202May 4, 2006
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in post.php in Invision Gallery 2.0.6 allows remote attackers to execute arbitrary SQL commands via the album parameter.

  • CVE-2005-3477Nov 3, 2005
    risk 0.00cvss epss 0.01

    Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML or script in an image whose type does not match its extension, which is rendered by Internet Explorer due to…

Page 2 of 2