Type Photo Gallery Software

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Vendor »

Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Product »

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation »

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability »

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector »

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication »

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction »

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index »

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day »

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today »

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume »

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities »

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (327): .matteoiammarrone Iamma Simple Gallery, 4images Image Gallery Management System, 4Images Image Gallery Management System, 10Web Photo Gallery Plugin, 10Web Photo Gallery plugin, 20 20 Applications 20 20 Auto Gallery, 35mm Slide Gallery, 321soft PhP-Gallery, Activewebsoftwares Active Photo Gallery, Active Web Softwares Active Photo Gallery, Akirapowered Image Gallery, Alexred Com Oziogallery, Alex Rabe NextGEN Gallery, all-video-gallery, All Video Gallery Plugin, Andy Mack 35mmslidegallery, AnimeGenesis Gallery, Anshul Sharma Category-grid-view-gallery, An image gallery, Apache::Gallery, Apptha Contus Video Gallery, Apptha Video Gallery Plugin, Architecture Template, Artworks Gallery in PHP, CSS, JavaScript, and MySQL, ARWScripts Gallery Script Lite, AWScripts Gallery Search Engine, Best Gallery Albums Plugin, Bharat Mediratta Gallery, Blue-Collar Productions i-Gallery, Blue-collar Productions i-Gallery, Blue-collar Productions I-gallery, Blueconstantmedia Com Djartgallery, Bodo Bauer BBGallery, Brunetton LittlePhpGallery, ClickTech Clickgallery, Clicktech ClickGallery, Codeasily GRAND FlAGallery, Comdev Photo Gallery, Contest Gallery, Cool Video Gallery Plugin, Coppermine-gallery Photo Gallery, Coppermine Coppermine Photo Gallery, coppermine Photo Gallery, Coppermine Photo Gallery, Coppermine Photo Gallery, Crafty Syntax Image Gallery, Crux Software Gallery, CS-Gallery, Dale Mooney Moon Gallery, Daniel Lienert Yet Another Gallery, Dan Brown Moa Gallery, Datachecknh GalleryPal FE, David Alkire Drag , David Alkire Drop Gallery, Davlin Thickbox Gallery, DBImageGallery, Dbscripts DBImageGallery, DevelopItEasy Photo Gallery, Digitalzoomstudio Video Gallery, Digital Eye Gallery, DJ-ArtGallery Component, Dmitry Sheiko SAPID Gallery, Dreampics Gallery Builder, Drupal Brilliant Gallery, Duma Photo Gallery System, Duware DUGallery, Easy Photo Gallery, Elkagroup Image Gallery, elkagroup Image Gallery, ElkaGroup Image Gallery, Encaps EncapsGallery, Enhanced Simple PHP Gallery, Envato Complete Gallery Manager plugin, Envira Photo Gallery Plugin, EZGallery, EZOnlineGallery, Ezphotogallery, Final Tiles Gallery Plugin, Fipsasp fipsGallery, Flash-album-gallery, Flash Photo Gallery, flickr-justified-gallery Plugin, FOSS Gallery, Fr. Simon Rundell Hs Religiousartgallery, Francisco Burzi Gallery, Francisco Charrua Photo-Gallery, freePHPgallery, FsPHPGallery, G5-Scripts Auto-Img-Gallery, Gallarific PHP Photo Gallery script, Gallery, gallery-by-supsystic Plugin, gallery-photo-gallery Plugin, Gallery Directory, Gallery Image Gallery Web Application, Gallery My Photo Gallery, Gallery Photo Album Package, Gallery - Photo Albums - Portfolio Plugin, Gallery 3, Gallery Objects, Gallery WD, Gb-plugins GB Gallery Slideshow, Geoffrey Golliher Axiom Photo News Gallery, Gnugallery, Gtasoft PhotoKorn Gallery, Hdwplayer hdw-player-video-player-video-gallery, Hitmaaan Hitmaaan Gallery, hp Photo And Imaging Gallery, Huawei AppGallery, Huge-IT Gallery, Huge-IT Image Gallery, Huge-IT Portfolio Gallery Manager, Huge-IT Portfolio Gallery Plugin, Huge-IT Video Gallery, Ice Gallery, Ikemcg phpInstantGallery, image-gallery-with-slideshow, ImageFolio Image Gallery, ImageGalleryPlugin, Imagely NextGEN Gallery, Imagely NextGEN Gallery Plugin, Image Gallery Plugin, Image Gallery with Access Database, IMGallery, IM Gallery, insta-gallery Plugin, Instant Photo Gallery, Invision Power Services Invision Gallery, Invision Power Services IP.Gallery, Itamar Elharar Com Musicgallery, Ivan Gallery Script, Japanese PHP Gallery Hosting, JEXTN Video Gallery Extension, Jimmac Original Photo Gallery, Jmb Software Autogallery, Jmk Web Scripts Jmk Picture Gallery, John Bradshaw Np Gallery Plugin, Joonas Viljanen JV2 Folder Gallery, Justin Ellison Node Gallery, Justjoomla Carousel Flash Image Gallery, JV2 Folder Gallery, JV2 Quick Gallery, Jv2design JV2 Folder Gallery, Keil-software Photokorn Gallery, Kerberosdev Gallery In A Box, Keyvan1 ImageGallery, Kkeim Kmita Gallery, Kmita Gallery, Kooijman-design jGallery, KoschtIT KoschtIT Image Gallery, Kubik-Rubik Simple Image Gallery Extended, Le Ralf Ralf Image Gallery, Lightbox Photo Gallery, limb-gallery Plugin, Magic Photo Storage Website, magic photo storage website, Magnifica Webscripts Anima Gallery, Maian Gallery, Maianscriptworld Maian Gallery, Mambo Com Gallery, Mambo Mambo Gallery Manager, Manuel Garcia galleryformatter, Marcel Brinkkemper Lazyest-gallery, Masselink Com Picasa2gallery, Matteo Binda ASP Photo Gallery, Maxdev My Egallery, MAXdev My Egallery, McGallery, mcGalleryPRO, Mcgallerypro mcGallery, Mcgallery Pro, mcGallery PRO, Mediaslash.com MediaSlash Gallery, Menalto Gallery, Menalto gallery, Menalto Gallery Publish Xp Module, Menalto Gallery Webcam Module, Microsoft Clip Art Gallery, MindDezign Photo Gallery, Minimal Design minimal Gallery, Minishowcase Minishowcase Image Gallery, mmgallery, MMS Gallery MMS Gallery PHP, MMS Gallery PHP, Moagallery Moa, Modula Image Gallery Plugin, MODX Revolution Gallery, mojoscripts mojoGallery, MooseGallery, Mxmania Gallery MX, Mydyngallery, myPHPNuke Myphpnuke My Egallery, MyPicGallery, My_eGallery Module, My Gallery, My Image Gallery, My Photo Gallery, nextgen-gallery Plugin, NextGEN Gallery, Next Generation Image Gallery, Nitropowered NiTrO Web Gallery, Nitropowered NITRO Web Gallery, NP_Gallery Plugin, NuGetGallery, Nukedgallery Gallery, Obsession-Design Image-Gallery, Omilenitsolutions Com Omphotogallery, Ontarioabandonedplaces A Better Member-Based ASP Photo Gallery, OpenDock Easy Gallery, Particle Gallery, Particle Soft Particle Gallery, Paul Griffin Simple PHP Gallery, PAXXGallery Com Paxxgallery, Pensacola Web Designs Xtremeasp Photogallery, Pensacola Web Designs Xtreme ASP Photo Gallery, Percha Com Perchagallery, photo-gallery Plugin, photoblocks-grid-gallery Plugin, Photocrati NextGEN Gallery, PhotoGal PhotoGal Photo Gallery, Photogallerycreator Flash-album-gallery, Photokorn Gallery, PhotoPost PhotoPost vBGallery, Photo Gallery, Photo Gallery plugin, Phpexplorer phPhotoGallery, Phpgalleryscript PHP Free Photo Gallery, PHPmyGallery, PHPQuickGallery, PHPWebGallery, Phpwebgallery, PhpWebGallery, PHP Kobo Photo Gallery CMS, Php Web Scripts Dynamic Photo Gallery, PinkCrow Designs Designs Gallery Magazin, Piwigo, pixaria Pixaria Gallery, Pixaria Pixaria Gallery, Planetluc MyGallery, Planet Concept planetGallery, Plohni An image gallery, Pony Gallery, Powerdev EncapsGallery, Powerplay Gallery Plugin, Puntolatinoclub Gallery Assist module, Quick Digital Image Gallery, R2K R2K Gallery, Ralf Image Gallery, RBX Gallery, Red Mexico RM+Soft Gallery, reflex-gallery Plugin, ReFlex Gallery Plugin, rGallery plugin, RMSOFT Gallery System, RSGallery2 Com Rsgallery2, SanyBee Gallery, Scriptaty magic photo storage website, Scry Gallery, Sebastian-thiele ST-Gallery, Selbstzweck rGallery plugin, Sergey Kiselev SGallery, SimpleGallery, Simple PHP Scripts gallery, Simple Php Scripts Gallery, Singapore Gallery, Singapore Image Gallery Web Application, Skrypty PPA Gallery, Skrypty Ppa Gallery, Skyphe File-gallery, Snaps Gallery, Snipegallery Snipe Gallery, Snipe Gallery, Social Photo Gallery plugin, Softbiz Image Gallery, SoftComplex PHP Image Gallery, Softcomplex PHP Image Gallery, Splitside Directory Image Gallery, Squitosoft Squito Gallery, StoreFront Gallery, Tenyearsgone ASP Folder Gallery, Terong Advanced Web Photo Gallery, TFTgallery, TFT Gallery, Tft Gallery, ThemeMakers Invento Responsive Gallery, tidio-gallery Plugin, TinyWebGallery, Tomex phpGalleryScript, Tribulant Slideshow Gallery Plugin, Tribulant Tibulant Slideshow Gallery, Tribulant Slideshow Gallery Plugin, TYPO3 Ws Gallery, TYPO3 WT Gallery, TYPO3 Wt Gallery, Uapplication UPhotoGallery, Uapplication Uphotogallery, unite-gallery-lite Plugin, Vacilanda Brilliant Gallery, Ventrian Simple Gallery, Verosky Media Instant Photo Gallery, Video Gallery Plugin, w00t Gallery, Wabbit PHP Gallery, Wabbit Wabbit PHP Gallery, Web-Dorado Photo Gallery, Web-Dorado Photo Gallery by WD - Responsive Photo Gallery, Webgeneius GOOP Gallery, webGENEius GOOP Gallery, webmaster-tips.net Flash Image Gallery, Winged Gallery, Wingnut EasyGallery, woo-variation-gallery Plugin, Wotlab Community Gallery, wpape APE Gallery, Wpgetready NextCellent Gallery, wptf-image-gallery Plugin, XeroXer Simple one-file gallery, Xigla Absolute Image Gallery XE, Xigla Absolute Image Gallery Xe, xodagallery, Xondie Vodpod Video Gallery, XOOPS Xoops Rmsoft Gallery System, Xoops Xoops Rmsoft Gallery System, Xtreme ASP Photo Gallery, Yuriy V Semenikhin YVS Image Gallery, zm-gallery Plugin, zOOm Media Gallery

PublishedBaseTempVulnerabilityProdExpRemCTICVE
11/17/20206.36.3Artworks Gallery in PHP, CSS, JavaScript, and MySQL Artwork unrestricted uploadArtworks Gallery in PHP, CSS, JavaScript, and MySQLNot DefinedNot Defined0.06CVE-2020-28688
11/17/20206.36.3Artworks Gallery in PHP, CSS, JavaScript, and MySQL unrestricted uploadArtworks Gallery in PHP, CSS, JavaScript, and MySQLNot DefinedNot Defined0.07CVE-2020-28687
06/22/20204.84.6Final Tiles Gallery Plugin admin-ajax.php cross site scriptingFinal Tiles Gallery PluginNot DefinedOfficial Fix0.00CVE-2020-14962
06/09/20204.44.3NuGetGallery cross site scriptingNuGetGalleryNot DefinedOfficial Fix0.09CVE-2020-1340
03/26/20204.44.1Piwigo ws.php pwgimagessetInfo Stored cross site scriptingPiwigoNot DefinedNot Defined0.05CVE-2020-9467
02/25/20204.13.910Web Photo Gallery Plugin Stored cross site scriptingPhoto Gallery PluginNot DefinedOfficial Fix0.00CVE-2020-9335
02/25/20204.74.7Envira Photo Gallery Plugin Stored cross site scriptingPhoto Gallery PluginNot DefinedNot Defined0.00CVE-2020-9334
02/20/20204.44.3Modula Image Gallery Plugin Stored cross site scriptingModula Image Gallery PluginNot DefinedOfficial Fix0.06CVE-2020-9003
02/10/20204.44.1Piwigo Group Stored cross site scriptingPiwigoNot DefinedNot Defined0.00CVE-2020-8089
12/02/20195.24.9Piwigo Incomplete Fix CVE-2012-4525 password.php cross site scriptingPiwigoNot DefinedOfficial Fix0.06CVE-2012-4526
12/02/20195.24.9Piwigo password.php cross site scriptingPiwigoNot DefinedOfficial Fix0.00CVE-2012-4525
11/26/20196.46.1NextGEN Gallery path traversalNextGEN GalleryNot DefinedOfficial Fix0.00CVE-2015-9538
11/26/20194.44.3NextGEN Gallery cross site scriptingNextGEN GalleryNot DefinedOfficial Fix0.00CVE-2015-9537
11/18/20197.07.0Social Photo Gallery plugin Album input validationSocial Photo Gallery pluginNot DefinedNot Defined0.00CVE-2019-14467
10/11/20196.46.4ThemeMakers Invento Responsive Gallery wp_users.dat information disclosureThemeMakers Invento Responsive Gallery/Architecture TemplateNot DefinedNot Defined0.00CVE-2015-9483
09/26/20195.45.1unite-gallery-lite Plugin admin.php cross-site request forgeryunite-gallery-lite PluginNot DefinedOfficial Fix0.05CVE-2015-9447
09/26/20197.57.2unite-gallery-lite Plugin admin-ajax.php sql injectionunite-gallery-lite PluginNot DefinedOfficial Fix0.07CVE-2015-9446
09/26/20196.56.2unite-gallery-lite Plugin admin-ajax.php unitegallery_ajax_action cross-site request forgeryunite-gallery-lite PluginNot DefinedOfficial Fix0.00CVE-2015-9445
09/13/20198.38.3Piwigo cross site scriptingPiwigoNot DefinedNot Defined0.08CVE-2019-13364
09/13/20198.38.3Piwigo cross site scriptingPiwigoNot DefinedNot Defined0.00CVE-2019-13363
09/13/20195.95.9zm-gallery Plugin sql injectionzm-gallery PluginNot DefinedNot Defined0.06CVE-2016-10940
09/08/20198.58.2photo-gallery Plugin Albumsgalleries.php sql injectionphoto-gallery PluginNot DefinedOfficial Fix0.09CVE-2019-16119
09/08/20195.24.9photo-gallery Plugin Options.php cross site scriptingphoto-gallery PluginNot DefinedOfficial Fix0.00CVE-2019-16118
09/08/20195.24.9photo-gallery Plugin Galleries.php cross site scriptingphoto-gallery PluginNot DefinedOfficial Fix0.06CVE-2019-16117
08/30/20193.63.4photoblocks-grid-gallery Plugin cross site scriptingphotoblocks-grid-gallery PluginNot DefinedOfficial Fix0.05CVE-2019-15829

Interested in the pricing of exploits?

See the underground prices here!