tftgallery .13 - Directory Traversal exploit

ID SSV:66945
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.

                                                Released information about the album parameter being vulnerable to XSS
earlier. Seems there are other similar issues:

The album parameter is vulnerable to directory transversal<>

The sample parameter is vulnerable to XSS'></link><script>alert('blake
XSS test')</script>&name=cucumber%20cool