Page 8 of 38 results (0.005 seconds)

CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 1

Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter. Vulnerabilidad en sitios cruzados en search.php de Gallery 1.1 a 1.3.4 permite a atacantes remotos insertar script web mediante el parámetro searchstring • https://www.exploit-db.com/exploits/22961 http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=82&mode=thread&order=0&thold=0 http://marc.info/?l=bugtraq&m=106252092421469&w=2 http://www.debian.org/security/2003/dsa-355 http://www.securityfocus.com/archive/1/330676 http://www.securityfocus.com/archive/1/348641/30/21790/threaded •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter. • http://www.securityfocus.com/archive/1/304611 http://www.securityfocus.com/bid/6489 https://exchange.xforce.ibmcloud.com/vulnerabilities/10943 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0260.html http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=64&mode=thread&order=0&thold=0 http://www.iss.net/security_center/static/10943.php http://www.securityfocus.com/bid/6489 •