Filtered by vendor Tinywebgallery
Subscribe
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5014 | 1 Tinywebgallery | 1 Wordpress Flash Uploader | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in image_magic_path. | |||||
| CVE-2013-2631 | 1 Tinywebgallery | 1 Tinywebgallery | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| TinyWebGallery (TWG) 1.8.9 and earlier contains a full path disclosure vulnerability which allows remote attackers to obtain sensitive information through the parameters "twg_browserx" and "twg_browsery" in the page image.php. | |||||
| CVE-2012-2931 | 1 Tinywebgallery | 1 Tinywebgallery | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file. | |||||