Photo Video Album version 1.0 suffers from local file inclusion and remote shell upload vulnerabilities.
f3876755c36f7ac9243e6f8a55d654c919116bcd7078c7115015dc4c737dd532Availscript Photo Album suffers from cross site scripting and SQL injection vulnerabilities in pics.php.
2f26fa6572f8286017ccb5793aea1deef54ec9aacf54e16d15db481e28860924Gentoo Linux Security Advisory GLSA 200809-08 - Amarok uses temporary files in an insecure manner, allowing for a symlink attack. Dwayne Litzenberger reported that the MagnatuneBrowser::listDownloadComplete() function in magnatunebrowser/magnatunebrowser.cpp uses the album_info.xml temporary file in an insecure manner. Versions less than 1.4.10 are affected.
a8677abbc4fd25501e2f4c6ef773ea98bc5581d088341c3ff7771de90a64c963Secunia Security Advisory - Alemin_Krali has reported some vulnerabilities in aspWebAlbum, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks or compromise a vulnerable system.
c2ceb3aa49a236612dd79ed4ea3eb404cf2764d676e1985d11bb9e29ca81ddb5aspWebAlbum version 3.2 suffers from cross site scripting, SQL injection, and upload vulnerabilities.
9100025966c075d93a29f844cda21de61f1b0b61c904988e6d76b4864284e1caEZWebAlbum suffers from an insecure cookie handling vulnerability that allows anyone to be an administrator.
2b4daa4e463ca44a323fb0d3c054525f029f5c280b1fe776bb840583356dad62EZWebAlbum suffers from a remote file disclosure vulnerability.
081640ba7602be156e088c197157995ee7aa643257d38bb76bfef52e128b5644WEBAlbum version 2.0 and below suffer from a remote stored cross site scripting vulnerability.
4a243ea4bd1630011d4692bf1836c6fa923d09d800068ac5fb50c3226c883751Secunia Security Advisory - cOndemned has discovered two vulnerabilities in PHPhotoalbum, which can be exploited by malicious people to conduct SQL injection attacks.
527bd6e27486fc3e5c20e1bef1c5a325ea8e87efb26bc0ad70d88a37284b1c3cPHPhotoalbum version 0.5 suffers from multiple remote SQL injection vulnerabilities.
721077397f84e8e69167f5ef354777f2e9fa8b4733e0b7d39c565c4fef78a9cdAdobe Photoshop Album Starter, Adobe After Effects CS3, and Adobe Photoshop CS3 all suffer from a local buffer overflow vulnerability. Included is an exploit for Album Starter version 3.2 on Microsoft Windows SP2 that launches calc.exe.
b9d39af85285018f275769b36f2ed7800d54726f4a9f858f9a4302a44dc409f9The Joomla MyAlbum component version 1.0 suffers from a remote SQL injection vulnerability.
771c22825e7f27cb918d9625ea1fcb03472301cfe6352b8e6650a0344b42b7f4KAPhotoservice remote SQL injection exploit that makes use of album.asp.
0643496d453fa9f22174d217201584f7c5b02522fccba291927674b10ce23d56Secunia Security Advisory - A vulnerability has been reported in the WP Photo Album (WPPA) plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
c545f997ff32681c104254c71d18d26025500dbff7a5e9565e3eec70e025f2a3The WordPress Photo Album suffers from a remote SQL injection vulnerability.
4cdc7ed07e632099d2bc0f92847a29db5cf94c91770e7d9e62c1517fb931d1f4Secunia Security Advisory - Russ McRee has reported a vulnerability in Dansie Photo Album, which can be exploited by malicious people to conduct cross-site scripting attacks.
25dd311a566e093badf0f50c2cea6eb36f9d9a57faba4d55283fa5b3c3b4faacImageAlbum versions 2.0.0b2 and below suffer from multiple remote SQL injection vulnerabilities.
8faa5e4a3562f47c3b4fd096f989d84dca895b9ac459d9ed15d97ac153f594e4The Joomla Photo Album component version 1.24 suffers from a remote file inclusion vulnerability.
318d6777b649e658d0761d9421ef7355471656ba28580f7305a468e04664e46dGentoo Linux Security Advisory GLSA 200710-13 - LT discovered that the match parameter in albums.php is not properly sanitized before being processed. The Apache development team also reported an error when handling user sessions. Versions less than 3.3.3.5 are affected.
51e034dfc86c577529b8bcafe6b158ef2edd5920f0e562bfb87fce22c93fc6c1LiveAlbum version 0.9.0 suffers from a remote file inclusion vulnerability in common.php.
b12c73953607f6967e6727aa5bebca1908e2e6c12b7e17f316e3ed6a4133c7ebSecunia Security Advisory - S.W.A.T. has discovered a vulnerability in LiveAlbum, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
3a608d5f155a576cfbbf02df15183bc9ca2e8688d349c69d0cf41b2a752c0fc9phpBB Plus suffers from a remote file inclusion vulnerability in lang_admin_album.php.
3db115fede6f2e754b24773d279e3a245c98df46983db5e5425fd1bff288efa7iTunes version 7.3.x suffers from a heap overflow vulnerability in the album cover parsing functionality. This has been fixed in version 7.4.
28b4a0b4a1f784dab5f1f222467ff29b633f6ffdf4df0e5380890bb5487820beMandriva Linux Security Advisory - Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long album title or category.
8811ea551aa8ea7aee91fb2aa3d1a5832405aa5c947b0b09a04858480aebcf0aMonalbum version 0.8.7 remote code execution exploit.
823c3b6ff02bf8997bd11a826848edf291e9dcce36d7b65559bbfafb51eef30bSecunia Security Advisory - Dj7xpl has reported some vulnerabilities in MonAlbum, which can be exploited by malicious people to compromise a user's system.
3c9346cd9ac682cd27db5dff4af2e46624c6073967d768c4d4691242c433704d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed