Aggregates CVE and security vulnerability intelligence across all dale_mooney-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection and vendor risk input validation, with potential vendor impact unexpected behavior and vendor impact data exposure across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-4612 | CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers. | [email protected] | 4.3 | 1.07% | 2007-08-30 | 2026-06-16 |
| CVE-2007-4611 | SQL injection vulnerability in viewevent.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 1.00% | 2007-08-30 | 2026-06-16 |
| CVE-2007-4610 | Unrestricted file upload vulnerability in config/upload.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to upload and execute arbitrary PHP files in images/, possibly related to config/admin.php. | [email protected] | 6.8 | 1.20% | 2007-08-30 | 2026-06-16 |