Simple Image Gallery
Products
1- 8 CVEs
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-27040 | Cri | 0.64 | 9.8 | 0.02 | Mar 16, 2023 | Simple Image Gallery v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the username parameter. | ||
| CVE-2021-38819 | Hig | 0.57 | 8.8 | 0.01 | Nov 17, 2022 | A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page. | ||
| CVE-2023-1416 | Med | 0.41 | 6.3 | 0.01 | Mar 15, 2023 | A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Affected is an unknown function of the file adminHome.php. The manipulation of the argument social_facebook leads to sql injection. It is possible to launch the attack remotely. The exploit has been… | ||
| CVE-2023-1415 | Med | 0.41 | 6.3 | 0.01 | Mar 15, 2023 | A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerability affects the function sliderPicSubmit of the file adminHome.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-223126 is the… | ||
| CVE-2021-39313 | Med | 0.40 | 6.1 | 0.01 | Dec 14, 2021 | The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6. | ||
| CVE-2007-4127 | 0.03 | — | 0.03 | Aug 1, 2007 | PHP remote file inclusion vulnerability in check_entry.php in Ralf Image Gallery (RIG), aka Raphael Moll RIG Image Gallery, 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir_abs_src parameter. NOTE: this issue is disputed by multiple third parties,… | |||
| CVE-2008-2675 | 0.00 | — | 0.01 | Jun 12, 2008 | Cross-site scripting (XSS) vulnerability in index.php in PHP Image Gallery allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||
| CVE-2008-1698 | 0.00 | — | 0.01 | Apr 8, 2008 | Cross-site scripting (XSS) vulnerability in gallery.php in Simple Gallery 2.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third… |
- risk 0.64cvss 9.8epss 0.02
Simple Image Gallery v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the username parameter.
- risk 0.57cvss 8.8epss 0.01
A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page.
- risk 0.41cvss 6.3epss 0.01
A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Affected is an unknown function of the file adminHome.php. The manipulation of the argument social_facebook leads to sql injection. It is possible to launch the attack remotely. The exploit has been…
- risk 0.41cvss 6.3epss 0.01
A vulnerability was found in Simple Art Gallery 1.0. It has been declared as critical. This vulnerability affects the function sliderPicSubmit of the file adminHome.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-223126 is the…
- risk 0.40cvss 6.1epss 0.01
The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6.
- CVE-2007-4127Aug 1, 2007risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in check_entry.php in Ralf Image Gallery (RIG), aka Raphael Moll RIG Image Gallery, 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir_abs_src parameter. NOTE: this issue is disputed by multiple third parties,…
- CVE-2008-2675Jun 12, 2008risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in index.php in PHP Image Gallery allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2008-1698Apr 8, 2008risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in gallery.php in Simple Gallery 2.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third…