Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Photo gallery'
2018-02-19
CVE-2015-2324
CWE-79
Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors.
2017-08-28
CVE-2014-9312
CWE-434
Unrestricted File Upload vulnerability in Photo Gallery 1.2.5.
2017-08-20
CVE-2017-12977
CWE-89
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in admin/controllers/BWGControllerTags_bwg.php. It is exploitable by administrators via the tag_id parameter.
2015-02-02
CVE-2015-1393
CWE-89
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create gallery request in the galleries_bwg page to wp-admin/admin.php.
2015-01-16
CVE-2015-1055
CWE-89
SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php.
>>>
Vendor:
Web-dorado
14
Products
Photo gallery
Web-dorado spider video player
Spider facebook
Spider calendar
Ecommerce wd
Spider catalog
Spider event calendar
Event calendar wd
Contact form maker
Gallery wd
Form maker
Wp form builder
Backup-wd
Spidercatalog
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Photo gallery' 