iGallery Plugin 1.0.0 Cross Site Scripting

iGallery Plugin v1.0.0 dir Remote Cross-Site Scripting Vulnerability Vendor: net4visions.com Product web page: http://www.net4visions.com Affected version: 1.0.0 Summary: iGallery uses MooTools - image resizing done dynamically using phpThumb - resized images are cached. Desc: iGallery suffers fr...

iGallery Plugin v1.0.0 (dir) Remote Cross-Site Scripting Vulnerability

Summary iGallery uses MooTools - image resizing done dynamically using phpThumb - resized images are cached. Description iGallery suffers from a XSS vulnerability when parsing user input to the 'dir' parameter via GET method in '/scripts/pthumb/demo/phpThumb.demo.random.php'. Attackers can exploi...