Gallery
by Huge It
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1000113 | Cri | 0.64 | 9.8 | 0.03 | Oct 6, 2016 | XSS and SQLi in huge IT gallery v1.1.5 for Joomla | ||
| CVE-2025-49486 | Hig | 0.56 | — | 0.00 | Jul 18, 2025 | A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items. | ||
| CVE-2016-1000114 | Med | 0.40 | 6.1 | 0.01 | Oct 6, 2016 | XSS in huge IT gallery v1.1.5 for Joomla | ||
| CVE-2025-26778 | Med | 0.38 | 5.9 | 0.00 | Feb 17, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Gallery gallery allows Stored XSS.This issue affects Gallery: from n/a through <= 2.2.1. | ||
| CVE-2025-20969 | 0.00 | — | 0.00 | May 7, 2025 | Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery. | |||
| CVE-2025-20968 | 0.00 | — | 0.00 | May 7, 2025 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery. | |||
| CVE-2025-20967 | 0.00 | — | 0.00 | May 7, 2025 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery. |
- risk 0.64cvss 9.8epss 0.03
XSS and SQLi in huge IT gallery v1.1.5 for Joomla
- risk 0.56cvss —epss 0.00
A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.
- risk 0.40cvss 6.1epss 0.01
XSS in huge IT gallery v1.1.5 for Joomla
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Gallery gallery allows Stored XSS.This issue affects Gallery: from n/a through <= 2.2.1.
- CVE-2025-20969May 7, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.
- CVE-2025-20968May 7, 2025risk 0.00cvss —epss 0.00
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.
- CVE-2025-20967May 7, 2025risk 0.00cvss —epss 0.00
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.