Dale Mooney : Security Vulnerabilities, CVEs, CVSS score >= 1
CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers.
Max CVSS
4.3
EPSS Score
0.49%
Published
2007-08-31
Updated
2018-10-15
SQL injection vulnerability in viewevent.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.12%
Published
2007-08-31
Updated
2018-10-15
Unrestricted file upload vulnerability in config/upload.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to upload and execute arbitrary PHP files in images/, possibly related to config/admin.php.
Max CVSS
6.8
EPSS Score
1.09%
Published
2007-08-31
Updated
2018-10-15
3 vulnerabilities found