CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 0CVE-2006-1696
https://notcve.org/view.php?id=CVE-2006-1696
11 Apr 2006 — Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. • http://secunia.com/advisories/19580 •
CVSS: 8.0EPSS: 2%CPEs: 16EXPL: 0CVE-2006-0587
https://notcve.org/view.php?id=CVE-2006-0587
08 Feb 2006 — Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file. Vulnerabilidad no especificada en util.php de Gallery anteriores a 1.5.2-pl12 permite a usuarios remotos autenticados engañar a un propietario para modificar datos de álbumes almacenados y posiblemente ejecutar código de su elección mediante vectores no... • http://archives.neohapsis.com/archives/bugtraq/2006-02/0224.html •
CVSS: 6.1EPSS: 1%CPEs: 16EXPL: 0CVE-2006-0330
https://notcve.org/view.php?id=CVE-2006-0330
21 Jan 2006 — Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname). • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285 •
CVSS: 6.1EPSS: 0%CPEs: 14EXPL: 0CVE-2005-2734
https://notcve.org/view.php?id=CVE-2005-2734
29 Aug 2005 — Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285 •