Gallery Project : Security Vulnerabilities, CVEs, Published In 2005 (XSS)

CVE-2005-2734

Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Max CVSS
4.3
EPSS Score
0.49%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-0221

Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 Alpha allows remote attackers to inject arbitrary web script or HTML via the g2_form[subject] field.
Max CVSS
4.3
EPSS Score
0.92%
Published
2005-01-17
Updated
2017-07-11

CVE-2005-0220

Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote attackers to inject arbitrary web script or HTML via the username field.
Max CVSS
5.0
EPSS Score
1.68%
Published
2005-05-02
Updated
2017-07-11

CVE-2005-0219

Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the index field in add_comment.php, (2) set_albumName, (3) slide_index, (4) slide_full, (5) slide_loop, (6) slide_pause, (7) slide_dir fields in slideshow_low.php, or (8) username field in search.php.
Max CVSS
4.3
EPSS Score
0.41%
Published
2005-05-02
Updated
2017-07-11

CVE-2004-1106

Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
Max CVSS
6.8
EPSS Score
4.88%
Published
2005-01-10
Updated
2017-07-11
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close