mAlbum 0.3 has default accounts (1) "login"/"pass" for its administrative account and (2) "dqsfg"/"sdfg", which allows remote attackers to gain...
7AI Score
0.026EPSS
Directory traversal vulnerability in the cached_album function in functions.php for mAlbum 0.3 and earlier allows remote attackers to list filenames of arbitrary images via a .. (dot dot) in the gal parameter to...
7.1AI Score
0.007EPSS
index.php in mAlbum 0.3 and earlier allows remote attackers to obtain the installation path via an invalid gal...
7AI Score
0.004EPSS