RSS   Vulnerabilities for 'Image gallery'   RSS

2010-01-05
 
CVE-2009-4569

CWE-89
 

 
SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/.

 
2009-04-27
 
CVE-2009-1446

CWE-20
 

 
Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of these details are obtained from third party information.

 
2008-11-12
 
CVE-2008-5037

CWE-89
 

 
SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.

 
2007-06-27
 
CVE-2007-3461

 

 
SQL injection vulnerability in property.php in elkagroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.

 

 >>> Vendor: Elkagroup 2 Products
Image gallery
Elkapax cms


Copyright 2024, cxsecurity.com

 

Back to Top