Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-9228 | 1 Imagely | 1 Nextgen Gallery | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php. | |||||
CVE-2015-9229 | 1 Imagely | 1 Nextgen Gallery | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter. |