VYPR

Easy Gallery

by Opendock

CVEs (2)

  • CVE-2024-9018HigOct 1, 2024
    risk 0.57cvss 8.8epss 0.00

    The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘key’ parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation…

  • CVE-2006-5241Oct 12, 2006
    risk 0.03cvss epss 0.04

    Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Gallery 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) file.php; (2) find_user.php, (3) lib_user.php, (4)…