Vulnerability Database

CVE-2015-9228

In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php.

  • Published: Sep 12, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-9228
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.8
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 9
  • AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

| Software | From | Fixed in |
|---|---|---|
| imagely / nextgen_gallery | 2.1.10 | 2.1.10.x |
| imagely / nextgen_gallery | 2.1.9 | 2.1.9.x |
| imagely / nextgen_gallery | 2.1.7 | 2.1.7.x |
| imagely / nextgen_gallery | 2.1.2 | 2.1.2.x |
| imagely / nextgen_gallery | 2.1.0 | 2.1.0.x |
| imagely / nextgen_gallery | 2.0.79 | 2.0.79.x |
| imagely / nextgen_gallery | 2.0.78.1 | 2.0.78.1.x |
| imagely / nextgen_gallery | 2.0.78 | 2.0.78.x |
| imagely / nextgen_gallery | 2.0.77 | 2.0.77.x |
| imagely / nextgen_gallery | 2.0.76 | 2.0.76.x |
| imagely / nextgen_gallery | 2.0.74 | 2.0.74.x |
| imagely / nextgen_gallery | 2.0.71 | 2.0.71.x |
| imagely / nextgen_gallery | 2.0.66.33 | 2.0.66.33.x |
| imagely / nextgen_gallery | 2.0.66.31 | 2.0.66.31.x |
| imagely / nextgen_gallery | 2.0.66.29 | 2.0.66.29.x |
| imagely / nextgen_gallery | 2.0.66.27 | 2.0.66.27.x |
| imagely / nextgen_gallery | 2.0.66.26 | 2.0.66.26.x |
| imagely / nextgen_gallery | 2.0.66.17 | 2.0.66.17.x |
| imagely / nextgen_gallery | 2.0.66.16 | 2.0.66.16.x |
| imagely / nextgen_gallery | 2.0.66 | 2.0.66.x |
| imagely / nextgen_gallery | 2.0.65 | 2.0.65.x |
| imagely / nextgen_gallery | 2.0.63 | 2.0.63.x |
| imagely / nextgen_gallery | 2.0.61 | 2.0.61.x |
| imagely / nextgen_gallery | 2.0.59 | 2.0.59.x |
| imagely / nextgen_gallery | 2.0.58 | 2.0.58.x |
| imagely / nextgen_gallery | 2.0.57 | 2.0.57.x |
| imagely / nextgen_gallery | 2.0.40 | 2.0.40.x |
| imagely / nextgen_gallery | 2.0.33 | 2.0.33.x |
| imagely / nextgen_gallery | 2.0.31 | 2.0.31.x |
| imagely / nextgen_gallery | 2.0.30 | 2.0.30.x |
| imagely / nextgen_gallery | 2.0.27 | 2.0.27.x |
| imagely / nextgen_gallery | 2.0.25 | 2.0.25.x |
| imagely / nextgen_gallery | 2.0.23 | 2.0.23.x |
| imagely / nextgen_gallery | 2.0.21 | 2.0.21.x |
| imagely / nextgen_gallery | 2.0.17 | 2.0.17.x |
| imagely / nextgen_gallery | 2.0.14 | 2.0.14.x |
| imagely / nextgen_gallery | 2.0.11 | 2.0.11.x |
| imagely / nextgen_gallery | 2.0.7 | 2.0.7.x |
| imagely / nextgen_gallery | 2.0 | 2.0.x |
| imagely / nextgen_gallery | 1.9.13 | 1.9.13.x |
| imagely / nextgen_gallery | 1.9.12 | 1.9.12.x |
| imagely / nextgen_gallery | 1.9.11 | 1.9.11.x |
| imagely / nextgen_gallery | 1.9.10 | 1.9.10.x |
| imagely / nextgen_gallery | 1.9.8 | 1.9.8.x |
| imagely / nextgen_gallery | 1.9.7 | 1.9.7.x |
| imagely / nextgen_gallery | 1.9.6 | 1.9.6.x |
| imagely / nextgen_gallery | 1.9.5 | 1.9.5.x |
| imagely / nextgen_gallery | 1.9.3 | 1.9.3.x |
| imagely / nextgen_gallery | 1.9.2 | 1.9.2.x |
| imagely / nextgen_gallery | 1.9.1 | 1.9.1.x |
| imagely / nextgen_gallery | 1.9.0 | 1.9.0.x |
| imagely / nextgen_gallery | 1.8.4 | 1.8.4.x |
| imagely / nextgen_gallery | 1.8.3 | 1.8.3.x |
| imagely / nextgen_gallery | 1.8.2 | 1.8.2.x |
| imagely / nextgen_gallery | 1.8.1 | 1.8.1.x |
| imagely / nextgen_gallery | 1.8.0 | 1.8.0.x |
| imagely / nextgen_gallery | 1.7.4 | 1.7.4.x |
| imagely / nextgen_gallery | 1.7.3 | 1.7.3.x |
| imagely / nextgen_gallery | 1.7.2 | 1.7.2.x |
| imagely / nextgen_gallery | 1.7.1 | 1.7.1.x |
| imagely / nextgen_gallery | 1.7.0 | 1.7.0.x |
| imagely / nextgen_gallery | 1.6.2 | 1.6.2.x |
| imagely / nextgen_gallery | 1.6.1 | 1.6.1.x |
| imagely / nextgen_gallery | 1.6.0 | 1.6.0.x |
| imagely / nextgen_gallery | 1.5.5 | 1.5.5.x |
| imagely / nextgen_gallery | 1.5.4 | 1.5.4.x |
| imagely / nextgen_gallery | 1.5.3 | 1.5.3.x |
| imagely / nextgen_gallery | 1.5.2 | 1.5.2.x |
| imagely / nextgen_gallery | 1.5.1 | 1.5.1.x |
| imagely / nextgen_gallery | 1.5.0 | 1.5.0.x |