CVE-2010-2126
- EPSS 1.58%
- Veröffentlicht 01.06.2010 21:30:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the cfg_admin_path parameter to (1) index.php, (2) view.php, (3) image.php, (4) search.php, (5) admin/index.ph...
CVE-2006-1826
- EPSS 0.32%
- Veröffentlicht 18.04.2006 10:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple cross-site scripting (XSS) vulnerabilities in Snipe Gallery 3.1.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in view.php, (2) keyword parameter in search.php, and (3) image_id p...
CVE-2005-4244
- EPSS 0.73%
- Veröffentlicht 14.12.2005 11:03:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
SQL injection vulnerability in Snipe Gallery 3.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) gallery_id parameter to view.php and (2) image_id parameter to image.php.
CVE-2005-4245
- EPSS 0.95%
- Veröffentlicht 14.12.2005 11:03:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in search.php in Snipe Gallery 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.