CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Planet Concept: >> Planetgallery Security Vulnerabilities

CVE-2006-3676

admin/gallery_admin.php in planetGallery before 14.07.2006 allows remote attackers to execute arbitrary PHP code by uploading files with a double extension and directly accessing the file in the images directory, which bypasses a regular expression check for safe file types.

CVSS Score

5.1

EPSS Score

0.007

Published

2006-07-24

CVE-2006-2116

planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php.

CVSS Score

7.5

EPSS Score

0.034

Published

2006-05-01

Page 1

Vulnerabilities

Vulnerable Software

Planet Concept: >> Planetgallery Security Vulnerabilities

Products

Pricing

Contact Us