CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7586 – WordPress Gallery Plugin – NextGEN Gallery <= 2.2.46 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2018-7586
In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured. En el plugin nextgen-gallery en versiones anteriores a la 2.2.50 para WordPress, las rutas de galería no son seguras. • https://wordpress.org/plugins/nextgen-gallery/#developers https://wpvulndb.com/vulnerabilities/9033 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000172 – NextGEN Gallery <= 2.2.44 - Cross-Site Scripting via image alt and title text
https://notcve.org/view.php?id=CVE-2018-1000172
Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting (XSS) vulnerability in Image Alt & Title Text. This attack appears to be exploitable via a victim viewing the image in the administrator page. This vulnerability appears to have been fixed in 2.2.45. Imagely NextGEN Gallery, en versiones 2.2.30 y anteriores, contiene una vulnerabilidad de Cross Site Scripting (XSS) en Image Alt Title Text. El ataque parece ser explotable si una víctima visualiza la imagen en la página de administrador. • https://fortiguard.com/zeroday/FG-VD-17-215 https://wordpress.org/plugins/nextgen-gallery/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10889 – NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion & SQL injection
https://notcve.org/view.php?id=CVE-2016-10889
The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name. El plugin nextgen-gallery versiones anteriores a 2.1.57 para WordPress, presenta una inyección SQL por medio de un nombre de galería. • https://wordpress.org/plugins/nextgen-gallery/#developers • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6565 – The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 may execute code from an uploaded malicious file
https://notcve.org/view.php?id=CVE-2016-6565
The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration). El plugin Imagely NextGen Gallery para Wordpress en versiones anteriores a la 2.1.57 no valida correctamente las entradas de usuario en el parámetro cssfile de una petición HTTP POST. Esto podría permitir que un usuario autenticado lea archivos arbitrarios del servidor o ejecute código arbitrario en el servidor en algunas circunstancias (depende de la configuración del servidor). • https://www.kb.cert.org/vuls/id/346175 https://www.securityfocus.com/bid/94356 • CWE-20: Improper Input Validation CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 9.0EPSS: 0%CPEs: 70EXPL: 0CVE-2015-9228 – NextGen Gallery <= 2.1.10 - Unrestricted File Upload
https://notcve.org/view.php?id=CVE-2015-9228
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php. En post-new.php en el plugin Photocrati NextGEN Gallery 2.1.10 para WordPress, la subida de archivos sin restricción está disponible mediante el parámetro name, si se cambia una extensión de archivo de .jpg a .php. • http://www.openwall.com/lists/oss-security/2015/10/27/6 https://cybersecurityworks.com/zerodays/cve-2015-9228-crony.html https://github.com/cybersecurityworks/Disclosed/issues/6 https://packetstormsecurity.com/files/135061/WordPress-NextGEN-Gallery-2.1.10-Shell-Upload.html https://wordpress.org/plugins/nextgen-gallery/#developers https://wpvulndb.com/vulnerabilities/9758 • CWE-434: Unrestricted Upload of File with Dangerous Type •