CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-9229

In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.2%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

https://cybersecurityworks.com/zerodays/cve-2015-9229-nextgen-gallery.html
https://github.com/cybersecurityworks/Disclosed/issues/5
https://cybersecurityworks.com/zerodays/cve-2015-9229-nextgen-gallery.html
https://github.com/cybersecurityworks/Disclosed/issues/5

Products affected by CVE-2015-9229

Imagely » Nextgen Gallery » Version: 2.1.15

cpe:2.3:a:imagely:nextgen_gallery:2.1.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-9229

Products

Pricing

Contact Us