Vulnerabilities > CVE-2005-2734 - Unspecified vulnerability in Gallery Project Gallery
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN gallery-project
nessus
Summary
Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Vulnerable Configurations
Nessus
NASL family CGI abuses : XSS NASL id GALLERY_EXIF_XSS.NASL description According to its banner, the version of Gallery hosted on the remote web server is prone to script insertion attacks because it does not sanitize malicious EXIF data stored in image files. Using a specially crafted image file, an attacker can exploit this flaw to cause arbitrary HTML and script code to be executed in a user last seen 2020-06-01 modified 2020-06-02 plugin id 19512 published 2005-08-27 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19512 title Gallery EXIF Data XSS NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1148.NASL description Several remote vulnerabilities have been discovered in gallery, a web-based photo album. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-2734 A cross-site scripting vulnerability allows injection of web script code through HTML or EXIF information. - CVE-2006-0330 A cross-site scripting vulnerability in the user registration allows injection of web script code. - CVE-2006-4030 Missing input sanitising in the stats modules allows information disclosure. last seen 2020-06-01 modified 2020-06-02 plugin id 22690 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22690 title Debian DSA-1148-1 : gallery - several vulnerabilities
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285
- http://marc.info/?l=bugtraq&m=112511025414488&w=2
- http://marc.info/?l=bugtraq&m=112511025414488&w=2
- http://secunia.com/advisories/16594/
- http://secunia.com/advisories/16594/
- http://secunia.com/advisories/21502
- http://secunia.com/advisories/21502
- http://securitytracker.com/id?1014800
- http://securitytracker.com/id?1014800
- http://sourceforge.net/project/shownotes.php?release_id=352576
- http://sourceforge.net/project/shownotes.php?release_id=352576
- http://www.securityfocus.com/bid/14668
- http://www.securityfocus.com/bid/14668
- http://www.us.debian.org/security/2006/dsa-1148
- http://www.us.debian.org/security/2006/dsa-1148
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22020
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22020