Page 24 of 217 results (0.013 seconds)

CVSS: 9.0EPSS: 4%CPEs: 1EXPL: 2

The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files. La funcionalidad edit profile en ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT AND MYSQL versión 1.0, permite a atacantes remotos cargar archivos • https://www.exploit-db.com/exploits/49167 https://code-projects.org/artworks-gallery-in-php-css-javascript-and-mysql-free-download https://packetstormsecurity.com/files/160095/Artworks-Gallery-1.0-Shell-Upload.html • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.0EPSS: 4%CPEs: 1EXPL: 2

The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files. La funcionalidad add artwork en ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT AND MYSQL versión 1.0, permite a atacantes remotos cargar archivos Artworks Gallery version 1.0 suffers from multiple remote shell upload vulnerabilities. • https://www.exploit-db.com/exploits/49166 https://code-projects.org/artworks-gallery-in-php-css-javascript-and-mysql-free-download https://packetstormsecurity.com/files/160095/Artworks-Gallery-1.0-Shell-Upload.html • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution. La galería Coppermine versiones anteriores a 1.4.26, presenta una vulnerabilidad de comprobación de entrada que permite una ejecución de código. • https://forum.coppermine-gallery.net/index.php/topic%2C63510.0.html https://seclists.org/oss-sec/2010/q1/121 https://www.openwall.com/lists/oss-security/2011/08/19/7 • CWE-20: Improper Input Validation •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

The reflex-gallery plugin before 1.4.3 for WordPress has XSS. El plugin reflex-gallery anterior a 1.4.3 para WordPress tiene XSS. The reflex-gallery plugin before 1.4.3 for WordPress has XSS via Edit Content URL field. • https://wordpress.org/plugins/reflex-gallery/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentication of administrators via unspecified vectors. Una vulnerabilidad de tipo cross-site request forgery (CSRF) en Contest Gallery versiones anteriores a 10.4.5, permite a los atacantes remotos secuestrar la autenticación de administradores por medio de vectores no especificados. • https://jvn.jp/en/jp/JVN80925867/index.html https://wordpress.org/plugins/contest-gallery https://wpvulndb.com/vulnerabilities/9436 • CWE-352: Cross-Site Request Forgery (CSRF) •