TFTgallery .13 Directory Traversal Exploit

ID SSV:14456
Type seebug
Reporter Root
Modified 2009-11-02T00:00:00


No description provided by source.

                                                Released information about the album parameter being vulnerable to XSS
earlier. Seems there are other similar issues:

The album parameter is vulnerable to directory transversal<>

The sample parameter is vulnerable to XSS'></link><script>alert('blake
XSS test')</script>&name=cucumber%20cool