46 matches found
CVE-2026-25869
MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts to prevent traversal by removing dot-dot sequences, but this protection can be bypassed using crafted...
CVE-2026-25869
MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts to prevent traversal by removing dot-dot sequences, but this protection can be bypassed using crafted...
CVE-2026-25869
MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts to prevent traversal by removing dot-dot sequences, but this protection can be bypassed using crafted...
CVE-2026-25868
MiniGal Nano version 0.3.5 and prior contain a reflected cross-site scripting XSS vulnerability in index.php via the dir parameter. The application constructs $currentdir from user-controlled input and embeds it into an error message without output encoding, allowing an attacker to supply...
CVE-2026-25868
MiniGal Nano version 0.3.5 and prior contain a reflected cross-site scripting XSS vulnerability in index.php via the dir parameter. The application constructs $currentdir from user-controlled input and embeds it into an error message without output encoding, allowing an attacker to supply...
CVE-2026-25869
MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts to prevent traversal by removing dot-dot sequences, but this protection can be bypassed using crafted...
CVE-2026-25869
MiniGal Nano up to version 0.3.5 is affected by a path traversal vulnerability in index.php via the dir parameter. The application builds the target path by appending user input to the photos directory and attempts to block traversal by removing dot-dot sequences, but this protection can be bypas...
CVE-2026-25868
MiniGal Nano version 0.3.5 and prior contain a reflected cross-site scripting XSS vulnerability in index.php via the dir parameter. The application constructs $currentdir from user-controlled input and embeds it into an error message without output encoding, allowing an attacker to supply...
CVE-2026-25868 MiniGal Nano <= 0.3.5 Reflected XSS via dir Parameter
MiniGal Nano version 0.3.5 and prior contain a reflected cross-site scripting XSS vulnerability in index.php via the dir parameter. The application constructs $currentdir from user-controlled input and embeds it into an error message without output encoding, allowing an attacker to supply...
CVE-2026-25868 MiniGal Nano <= 0.3.5 Reflected XSS via dir Parameter
MiniGal Nano version 0.3.5 and prior contain a reflected cross-site scripting XSS vulnerability in index.php via the dir parameter. The application constructs $currentdir from user-controlled input and embeds it into an error message without output encoding, allowing an attacker to supply...
PT-2026-7618
MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts to prevent traversal by removing dot-dot sequences, but this protection can be bypassed using crafted...
MiniGal Nano 路径遍历漏洞
MiniGal Nano is a PHP album program developed by Rybber’s individual developer. Versions of MiniGal Nano prior to 0.3.5 had a path traversal vulnerability. This vulnerability stemmed from an issue with the dir parameter in the index.php file, which allowed for path traversal attacks. This could...
MiniGal Nano 跨站脚本漏洞
MiniGal Nano is a PHP album program developed by Rybber’s individual developer. Versions of MiniGal Nano prior to 0.3.5 contained a cross-site scripting vulnerability. This vulnerability stemmed from the dir parameter in the index.php file, which allowed for reflective cross-site scripting,...
EUVD-2008-6893
Malware in sbrugna...
EUVD-2005-3431
Malware in sbrugna...
EUVD-2007-2140
Malware in sbrugna...
EUVD-2007-2141
Malware in sbrugna...
kwb76.be XSS vulnerability
Open Bug Bounty ID: OBB-531065 Description| Value ---|--- Affected Website:| kwb76.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
MG2 0.5.1 Multiple XSS Vulnerabilities
Summary MG2 is the sequel to the popular image gallery script MiniGal. One of the highlights of MG2 is, that it supports PHP running in safe mode which is unsupported by almost all other dynamic image gallery scripts on the web. Description MG2 suffers from multiple XSS vulns. Several parameters...
Directory traversal
Directory traversal vulnerability in index.php in MiniGal b13 aka MG2 allows remote attackers to read the source code of .php files, and possibly the content of other files, via a .. dot dot in the list parameter...