GCVE - cpe:2.3:a:softbizscripts:image_gallery

Approved changes feed: RSS · Atom

cpe:2.3:a:softbizscripts:image_gallery_script:-:*:*:*:*:*:*:*

part: a version: - update: *

Vendor	Softbizscripts (`51b084c4-9a1a-5a2e-a5ca-ccc40d84b97c`)
Product	Image Gallery Script (`6d165102-1262-5ce8-b2c4-90034229668e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-3511`	vulnerable	2026-06-03 14:28:54.173871	Details available Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image Gallery (Photo Gallery) allow remote attackers to inject arbitrary web script or HTML via the (1) latest parameter to (a) index.php, (b) images.php, (c) suggest_image.php, and (d) image_desc.php; and the (2) msg parameter to index.php, images.php, and suggest_image.php, and (e) index.php, (f) adminhome.php, (g) config.php, (h) changepassword.php, (i) cleanup.php, (j) browsecats.php, and (k) images.php in admin/. NOTE: the image_desc.php/msg vector is covered by CVE-2006-1660. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: 2008-08-07T20:00:00.000Z Updated: 2024-08-07T09:45:18.048Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/44433 http://www.securityfocus.com/bid/30546 http://www.securityfocus.com/bid/30546/exploit	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1660`	vulnerable	2026-06-03 14:27:24.895679	Details available Cross-site scripting (XSS) vulnerability in image_desc.php in Softbiz Image Gallery allows remote attackers to inject arbitrary web script or HTML via msg parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. Published: 2006-04-07T10:00:00.000Z Updated: 2024-08-07T17:19:49.190Z Open on db.gcve.eu Reference links http://secunia.com/advisories/19523 http://www.vupen.com/english/advisories/2006/1217	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1659`	vulnerable	2026-06-03 14:27:24.895327	Details available Multiple SQL injection vulnerabilities in Softbiz Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in image_desc.php, (2) provided parameter in template.php, (3) cid parameter in suggest_image.php, (4) img_id parameter in insert_rating.php, and (5) cid parameter in images.php. Published: 2006-04-07T10:00:00.000Z Updated: 2024-08-07T17:19:49.099Z Open on db.gcve.eu Reference links http://www.osvdb.org/24371 http://www.osvdb.org/24368 https://exchange.xforce.ibmcloud.com/vulnerabilities/25616 http://www.securityfocus.com/bid/17339 http://www.securityfocus.com/archive/1/429763/100/0/threaded	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Image Gallery Script

PURL mappings

Vulnerability references

Contribute