Skip to main content

Drag Drop Gallery

5 CVEs product

Monthly

CVE-2012-4479 HIGH PATCH This Week

SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Drag Drop Gallery
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2012-4478 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Drag Drop Gallery
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4477 MEDIUM PATCH This Month

Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Drag Drop Gallery
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2012-4476 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Drag Drop Gallery
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-4472 MEDIUM POC PATCH This Month

Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Public exploit code available.

PHP File Upload Drag Drop Gallery
NVD
CVSS 2.0
5.1
EPSS
0.7%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Drag Drop Gallery
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Drag Drop Gallery
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Drag Drop Gallery
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Drag Drop Gallery
NVD
EPSS 1% CVSS 5.1
MEDIUM POC PATCH This Month

Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Public exploit code available.

PHP File Upload Drag Drop Gallery
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy