CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2006-0113
https://notcve.org/view.php?id=CVE-2006-0113
Enhanced Simple PHP Gallery 1.7 allows remote attackers to obtain the full path of the application via a direct request to sp_helper_functions.php, which leaks the pathname in an error message. • http://osvdb.org/ref/22/22201-espg.txt http://secunia.com/advisories/18310 http://www.osvdb.org/22417 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2CVE-2006-0112
https://notcve.org/view.php?id=CVE-2006-0112
Cross-site scripting (XSS) vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. • http://osvdb.org/ref/22/22201-espg.txt http://secunia.com/advisories/18310 http://www.osvdb.org/22201 http://www.vupen.com/english/advisories/2006/0036 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0086
https://notcve.org/view.php?id=CVE-2006-0086
Cross-site scripting vulnerability in index.php in Next Generation Image Gallery 0.0.1 Lite Edition allows remote attackers to inject arbitrary web script or HTML via the page parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en index.php de Next Generation Image Gallery 0.0.1 Lite Edition permite a atacantes remotos inyectar 'script' web o HTML de su elección mediante el parámetro "page". • http://osvdb.org/ref/22/22202-nextgen.txt http://secunia.com/advisories/18309 http://www.osvdb.org/22202 http://www.vupen.com/english/advisories/2006/0037 •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2005-4022
https://notcve.org/view.php?id=CVE-2005-4022
Cross-site scripting (XSS) vulnerability in the "Add Image From Web" feature in Gallery 2.0 before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. • http://secunia.com/advisories/17747 http://www.osvdb.org/21221 http://www.securityfocus.com/archive/1/418200/100/0/threaded http://www.securityfocus.com/bid/15614 http://www.vupen.com/english/advisories/2005/2681 •
CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0CVE-2005-4021
https://notcve.org/view.php?id=CVE-2005-4021
The installer for Gallery 2.0 before 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. • http://www.securityfocus.com/archive/1/418200/100/0/threaded http://www.securityfocus.com/bid/15614 http://www.vupen.com/english/advisories/2005/2681 •