Vulnerabilities > Gallery Project > Gallery > 1.3.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-11 | CVE-2006-1696 | Cross-Site Scripting vulnerability in Gallery Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network gallery-project | 4.3 |
2006-01-21 | CVE-2006-0330 | HTML Injection vulnerability in Gallery User Name Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname). network gallery-project | 4.3 |
2005-08-17 | CVE-2005-2596 | Unspecified vulnerability in Gallery Project Gallery 1.3.4 User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries. | 4.6 |
2003-08-27 | CVE-2003-0614 | Unspecified vulnerability in Gallery Project Gallery Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter. network gallery-project | 4.3 |