Ben3W 2Bgal vulnerabilities
3 known vulnerabilities affecting ben3w/2bgal.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2006-5505P3HIGHCVSS 7.5PoCv3.02006-10-25
CVE-2006-5505 [HIGH] CVE-2006-5505: Multiple PHP file inclusion vulnerabilities in 2BGal 3.0 allow remote attackers to execute arbitrary
Multiple PHP file inclusion vulnerabilities in 2BGal 3.0 allow remote attackers to execute arbitrary PHP code via the lang parameter to (1) admin/configuration.inc.php, (2) admin/creer_album.inc.php, (3) admin/changepwd.php.inc, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party informatio
nvd
CVE-2004-1415P4MEDIUMCVSS 5.0PoCv2.4v2.5.12004-12-31
CVE-2004-1415 [MEDIUM] CVE-2004-1415: SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5
SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5.1 allows remote attackers to execute arbitrary SQL commands via the id_album parameter.
nvd
CVE-2007-1852P4MEDIUMCVSS 6.8v3.1.12007-04-03
CVE-2007-1852 [MEDIUM] CVE-2007-1852: Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute
Multiple PHP remote file inclusion vulnerabilities in 2BGal 3.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the lang_filename parameter to (1) index.php or (2) backupdb.inc.php in admin/, or other unspecified files, different vectors than CVE-2006-5505. NOTE: this issue has been disputed by CVE, since the lang_filename variable is defin
nvd