Vulnerabilities > Gallery Project > Gallery > 1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-08-16 | CVE-2006-4030 | Information Disclosure vulnerability in Gallery Stats Module Unspecified Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to "two file exposure bugs." Update to version 1.5-pl1. | 5.0 |
| 2003-08-27 | CVE-2003-0614 | Unspecified vulnerability in Gallery Project Gallery Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter. network gallery-project | 4.3 |
| 2003-04-11 | CVE-2002-1412 | Remote File Include vulnerability in Bharat Mediratta Gallery Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script. | 7.5 |
| 2001-10-02 | CVE-2001-1234 | Remote Arbitrary Code Execution vulnerability in Gallery Project Gallery 1.1/1.2/1.2.1 Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. | 7.5 |