CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0CVE-2006-0330
https://notcve.org/view.php?id=CVE-2006-0330
Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname). • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285 http://gallery.menalto.com/page/gallery_1_5_2_release http://secunia.com/advisories/18557 http://secunia.com/advisories/18627 http://secunia.com/advisories/21502 http://www.gentoo.org/security/en/glsa/glsa-200601-13.xml http://www.osvdb.org/22660 http://www.securityfocus.com/bid/16334 http://www.us.debian.org/security/2006/dsa-1148 http://www.vupen.com/english/advisories/2006/0282 https://exchange.xforc •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2CVE-2006-0112
https://notcve.org/view.php?id=CVE-2006-0112
Cross-site scripting (XSS) vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. • http://osvdb.org/ref/22/22201-espg.txt http://secunia.com/advisories/18310 http://www.osvdb.org/22201 http://www.vupen.com/english/advisories/2006/0036 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2006-0113
https://notcve.org/view.php?id=CVE-2006-0113
Enhanced Simple PHP Gallery 1.7 allows remote attackers to obtain the full path of the application via a direct request to sp_helper_functions.php, which leaks the pathname in an error message. • http://osvdb.org/ref/22/22201-espg.txt http://secunia.com/advisories/18310 http://www.osvdb.org/22417 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0086
https://notcve.org/view.php?id=CVE-2006-0086
Cross-site scripting vulnerability in index.php in Next Generation Image Gallery 0.0.1 Lite Edition allows remote attackers to inject arbitrary web script or HTML via the page parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en index.php de Next Generation Image Gallery 0.0.1 Lite Edition permite a atacantes remotos inyectar 'script' web o HTML de su elección mediante el parámetro "page". • http://osvdb.org/ref/22/22202-nextgen.txt http://secunia.com/advisories/18309 http://www.osvdb.org/22202 http://www.vupen.com/english/advisories/2006/0037 •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2005-4022
https://notcve.org/view.php?id=CVE-2005-4022
Cross-site scripting (XSS) vulnerability in the "Add Image From Web" feature in Gallery 2.0 before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. • http://secunia.com/advisories/17747 http://www.osvdb.org/21221 http://www.securityfocus.com/archive/1/418200/100/0/threaded http://www.securityfocus.com/bid/15614 http://www.vupen.com/english/advisories/2005/2681 •