Page 32 of 198 results (0.007 seconds)

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0

CVE-2006-4030

https://notcve.org/view.php?id=CVE-2006-4030

Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs." Vulnerabilidad no especificada en el módulo de estadísticas en Gallery 1.5.1-RC2 y anteriores permite a atacantes remotos obtener información sensible a través de vectores de ataque desconocidos, relacionados con "dos bugs de exposición de archivos". • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285 http://secunia.com/advisories/16594 http://secunia.com/advisories/21502 http://www.debian.org/security/2006/dsa-1148 http://www.securityfocus.com/bid/19453 http://www.vupen.com/english/advisories/2006/3250 •

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 2

CVE-2006-3563 – Winged Gallery 1.0 - 'Thumb.php' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2006-3563

Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en gallery/thumb.php de Winged Gallery 1.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro image. • https://www.exploit-db.com/exploits/28102 http://securityreason.com/securityalert/1219 http://www.securityfocus.com/archive/1/438435/100/200/threaded http://www.securityfocus.com/bid/18629 https://exchange.xforce.ibmcloud.com/vulnerabilities/27378 •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 3

CVE-2006-1995 – Scry Gallery - Directory Traversal

https://notcve.org/view.php?id=CVE-2006-1995

Directory traversal vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to read arbitrary files via ".." sequences in the p parameter, which is not properly sanitized due to an rtrim function call with the arguments in the wrong order. • https://www.exploit-db.com/exploits/27724 http://attrition.org/pipermail/vim/2006-April/000716.html http://downloads.securityfocus.com/vulnerabilities/exploits/17649-directory-traversal.exploit http://secunia.com/advisories/19777 http://securityreason.com/securityalert/784 http://www.osvdb.org/24889 http://www.securityfocus.com/archive/1/431716/100/0/threaded http://www.securityfocus.com/bid/17649 http://www.securityfocus.com/bid/17668 http://www.vupen.com/english/advisories/2006/1490 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

CVE-2006-1996

https://notcve.org/view.php?id=CVE-2006-1996

Scry Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid p parameter, which reveals the path in an error message. • http://attrition.org/pipermail/vim/2006-April/000716.html http://secunia.com/advisories/19777 http://securityreason.com/securityalert/784 http://www.osvdb.org/24890 http://www.securityfocus.com/archive/1/431716/100/0/threaded http://www.securityfocus.com/bid/17668 http://www.vupen.com/english/advisories/2006/1490 https://exchange.xforce.ibmcloud.com/vulnerabilities/25990 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

CVE-2006-2001 – Scry Gallery 1.1 - 'index.php' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2006-2001

Cross-site scripting (XSS) vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this is a different vulnerability than the directory traversal vector. • https://www.exploit-db.com/exploits/27729 http://attrition.org/pipermail/vim/2006-April/000716.html http://secunia.com/advisories/19777 http://securityreason.com/securityalert/783 http://www.osvdb.org/24891 http://www.securityfocus.com/archive/1/431853/100/0/threaded http://www.securityfocus.com/bid/17668 http://www.vupen.com/english/advisories/2006/1490 https://exchange.xforce.ibmcloud.com/vulnerabilities/26101 •