This page lists publicly disclosed CVE vulnerabilities affecting sergey_kiselev sgallery (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2005-0377 | SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters. | [email protected] | 7.5 | 1.51% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0375 | imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP request with (1) idalbum and (2) idimage unset, which reveals the installation path in an error message for the sql_fetch_row function. | [email protected] | 5.0 | 1.55% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0376 | PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers to execute arbitrary PHP code by modifying the DOCUMENT_ROOT parameter to reference a URL on a remote web server that contains (1) config.php or (2) sql_layer.php. | [email protected] | 7.5 | 2.05% | 2005-01-12 | 2026-06-16 |