38 matches found
EUVD-2009-3882
Malware in sbrugna...
EUVD-2009-3883
Malware in sbrugna...
EUVD-2009-3804
Malware in sbrugna...
CVE-2009-3833
Cross-site scripting XSS vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter...
CVE-2009-3912
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F encoded dot dot slash in the album parameter...
TFTgallery 0.13 'sample' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36898/info TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
TFTgallery <= 0.13.1 - Local File Inclusion Vulnerability
No description provided by source...
TFTgallery 0.13 'album' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36833/info TFTgallery is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
TFTgallery 'thumbnailformpost.inc.php' Local File Include Vulnerability
TFTgallery is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow t...
TFTgallery <= 0.13.1 Local File Inclusion Vulnerability
Exploit for php platform in category web applications ======================================================= TFTgallery gmailcom registerglobals=On Who said "what a useless vulnerability!" = "includeonce "language/" . $adminlangfile;" @thumbnailformpost.inc.php line 3 for the win ;...
TFTgallery <= 0.13.1 'thumbnailformpost.inc.php' LFI Vulnerability - Active Check
TFTgallery is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
TFTgallery 0.13.1 - Local File Inclusion
TFTgallery gmailcom registerglobals=On Who said "what a useless vulnerability!" = "includeonce "language/" . $adminlangfile;" @thumbnailformpost.inc.php line 3 for the win ;. http://www.IM-G0ING-T0-G3T-HACK3D.COM/TFTP-GALLERY-PATH/admin/thumbnailformpost.inc.php?adminlangfile=LFI Maybe some other...
TFTgallery 0.13.1 Local File Inclusion
TFTgallery gmailcom registerglobals=On Who said "what a useless vulnerability!" = "includeonce "language/" . $adminlangfile;" @thumbnailformpost.inc.php line 3 for the win ;. http://www.IM-G0ING-T0-G3T-HACK3D.COM/TFTP-GALLERY-PATH/admin/thumbnailformpost.inc.php?adminlangfile=LFI Maybe some other...
Cross site scripting
Cross-site scripting XSS vulnerability in settings.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the sample parameter...
Directory traversal
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F encoded dot dot slash in the album parameter...
CVE-2009-3911
Cross-site scripting XSS vulnerability in settings.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the sample parameter...
CVE-2009-3912
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F encoded dot dot slash in the album parameter...
CVE-2009-3912
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F encoded dot dot slash in the album parameter...
CVE-2009-3911
TFTgallery 0.13 is vulnerable to a cross-site scripting (XSS) flaw in settings.php via the sample parameter, allowing remote injection of script/HTML. OpenVAS notes TFTgallery
CVE-2009-3911
Cross-site scripting XSS vulnerability in settings.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the sample parameter...