Vulnerabilities in contest-gallery

14 results
CVE-2019-5974: Cross-site request forgery (CSRF) vulnerability in Contest Gallery versions prior to 10.4.5 allows remote attackers to hijack the authentica (EPSS 1.0%)
CVE-2024-11103 (CRITICAL): Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover (EPSS 0.7%)
CVE-2026-3180 (HIGH): Contest Gallery <= 28.1.4 - Unauthenticated SQL Injection (EPSS 0.7%)
CVE-2024-10687 (CRITICAL): Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 24.0.3 - Unauthenticated SQL Injection (EPSS 0.6%)
CVE-2026-4021 (HIGH): Contest Gallery <= 28.1.5 - Unauthenticated Privilege Escalation Admin Account Takeover via Registration Confirmation Email-to-ID Type Confusion (EPSS 0.4%)
CVE-2026-12165 (HIGH): Contest Gallery <= 30.0.2 - Authenticated (Author+) Privilege Escalation via 'RegistryUserRole' Parameter (EPSS 0.4%)
CVE-2026-8912 (HIGH): Contest Gallery <= 28.1.6 - Unauthenticated SQL Injection (EPSS 0.4%)
CVE-2025-11254 (MEDIUM): Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.3 - Unauthenticated CSV Injection (EPSS 0.3%)
CVE-2025-12849 (MEDIUM): Contest Gallery <= 28.0.2 - Missing Authorization (EPSS 0.3%)
CVE-2025-1513 (HIGH): Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 26.0.0.1 - Unauthenticated Stored Cross-Site Scripting (EPSS 0.3%)
CVE-2025-3862 (MEDIUM): Contest Gallery <= 26.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter (EPSS 0.2%)
CVE-2025-10383 (MEDIUM): Contest Gallery – Upload, Vote & Sell with PayPal and Stripe <= 27.0.2 - Authenticated (Author+) Stored Cross-Site Scripting (EPSS 0.2%)
CVE-2025-7725 (HIGH): Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI <= 26.1.0 - Unauthenticated Stored Cross-Site Scripting (EPSS 0.2%)
CVE-2025-6716 (MEDIUM): Contest Gallery <= 26.0.8 - Authenticated (Author+) Stored Cross-Site Scripting (EPSS 0.2%)