David Alkire Drag & Drop Gallery — known CVE vulnerabilities
Every CVE whose affected-product data names David Alkire Drag & Drop Gallery, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2012-4479 — CVSS 7.5 (high): SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to execute arbitrary SQL commands via…
CVE-2012-4478 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the…
CVE-2012-4472 — CVSS 5.1 (medium): Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote…
CVE-2012-4477 — CVSS 5.0 (medium): Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via…
CVE-2012-4476 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web…