TinyWebGallery Add/Create Module Cross-Site Scripting Vulnerability

TinyWebGallery TWG is a software developer Michael Dempfle developed a set of open source album based on Ajax, PHP and XML , it provides text and image watermarking , slide show , image uploading and management features such as Add/Create module is one of the Add/Create module. A cross-site...

CVE-2017-16635

In TinyWebGallery v2.4, an XSS vulnerability is located in the mkname, mkitem, and item parameters of the Add/Create module. Remote attackers with low-privilege user accounts for backend access are able to inject malicious script codes into the TWG Explorer item listing. The request method to...

CVE-2017-16635

In TinyWebGallery v2.4, an XSS vulnerability is located in the mkname, mkitem, and item parameters of the Add/Create module. Remote attackers with low-privilege user accounts for backend access are able to inject malicious script codes into the TWG Explorer item listing. The request method to...

TinyWebGallery v2.4 (TWGE) - Persistent XSS Vulnerability

Document Title: =============== TinyWebGallery v2.4 TWGE - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1997 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16635...