VYPR
Vendor

Gallery Project

Gallery or Menalto Gallery is an open-source project enabling management and publication of digital photographs and other media through a PHP-enabled web server. Photo manipulation includes automatic thumbnails, resizing, rotation, and flipping, among other things. Albums can be organized hierarchically and individually controlled by administrators or privileged users.

Products
3
CVEs
41
Across products
42
Status
Private

Products

3

Recent CVEs

41
View all 41 CVEs →
  • CVE-2026-39399CriApr 14, 2026
    risk 0.55cvss 9.6epss 0.01

    NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can supply a crafted nuspec file with malicious metadata, leading to cross package…

  • CVE-2002-1412Apr 11, 2003
    risk 0.06cvss epss 0.40

    Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.

  • CVE-2004-2124Dec 31, 2004
    risk 0.04cvss epss 0.07

    The register_globals simulation capability in Gallery 1.3.1 through 1.4.1 allows remote attackers to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412.

  • CVE-2003-1227Dec 31, 2003
    risk 0.04cvss epss 0.07

    PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than…

  • CVE-2008-3555Aug 8, 2008
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 and earlier, (2) Gallery 4.1.30 and earlier, (3) Knowledge Base (WSNKB) 4.1.36 and earlier, (4) Links 4.1.44 and earlier, and possibly (5) Classifieds before 4.1.30 allows remote attackers to include and…

  • CVE-2007-2068Apr 18, 2007
    risk 0.03cvss epss 0.03

    Multiple PHP remote file inclusion vulnerabilities in the StoreFront mods for Gallery allow remote attackers to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter to (1) mods/business_functions.php or (2) mods/ui_functions.php.

  • CVE-2006-1219Mar 14, 2006
    risk 0.03cvss epss 0.04

    Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

  • CVE-2006-1128Mar 9, 2006
    risk 0.03cvss epss 0.04

    Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is…

  • CVE-2006-1127Mar 9, 2006
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album.

  • CVE-2004-1466Dec 31, 2004
    risk 0.03cvss epss 0.05

    The set_time_limit function in Gallery before 1.4.4_p2 deletes non-image files in a temporary directory every 30 seconds after they have been uploaded using save_photos.php, which allows remote attackers to upload and execute execute arbitrary scripts before they are deleted, if…

  • CVE-2003-0614Aug 27, 2003
    risk 0.03cvss epss 0.04

    Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.

  • CVE-2013-2087May 14, 2014
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) movie title to modules/gallery/controllers/movies.php or (2) key variable to modules/gallery/views/error_admin.html.php.

  • CVE-2013-2138Oct 10, 2013
    risk 0.00cvss epss 0.03

    The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack.

  • CVE-2012-4343Aug 15, 2012
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.

  • CVE-2012-4342Aug 15, 2012
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2008-5296Dec 1, 2008
    risk 0.00cvss epss 0.01

    Gallery 1.5.x before 1.5.10 and 1.6 before 1.6-RC3, when register_globals is enabled, allows remote attackers to bypass authentication and gain administrative via unspecified cookies. NOTE: some of these details are obtained from third party information.

  • CVE-2008-4130Sep 18, 2008
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page."

  • CVE-2008-4129Sep 18, 2008
    risk 0.00cvss epss 0.02

    Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload)…

  • CVE-2008-3662Sep 18, 2008
    risk 0.00cvss epss 0.02

    Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

  • CVE-2008-3600Aug 12, 2008
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter within a modload action.