CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gallery Project: >> Gallery >> 1.5.2_rc2 Security Vulnerabilities

CVE-2006-1696

Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

CVSS Score

4.3

EPSS Score

0.005

Published

2006-04-11

CVE-2006-0587

Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file.

CVSS Score

6.5

EPSS Score

0.022

Published

2006-02-08

CVE-2006-0330

Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname).

CVSS Score

4.3

EPSS Score

0.013

Published

2006-01-21

Page 1

Vulnerabilities

Vulnerable Software

Gallery Project: >> Gallery >> 1.5.2_rc2 Security Vulnerabilities

Products

Pricing

Contact Us