Simple Image Gallery v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the username...
CVSS: 9.8
AI Score: 9.8
EPSS: 0.027
A SQL injection vulnerability exists in the Simple Image Gallery System 1.0 application through the "id" parameter on the album...
CVSS: 8.8
AI Score: 9
EPSS: 0.001
The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended (SIGE) extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in...
CVSS: 6.1
AI Score: 5.8
EPSS: 0.001
The Simple Image Gallery WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the msg parameter found in the ~/simple-image-gallery.php file which allows attackers to inject arbitrary web scripts, in versions up to and including...
CVSS: 6.1
AI Score: 6
EPSS: 0.001
An unrestricted file upload in the Simple Image Gallery Web App can be exploited to upload a web shell and execute it to gain unauthorized access to the server hosting the web...
CVSS: 9.8
AI Score: 9.6
EPSS: 0.003
Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/plugin_sige/print.php link with a crafted img, name, or caption...
CVSS: 6.1
AI Score: 5.9
EPSS: 0.001