Produkt Minimal gallery (...) - CVEMAP.ORG

Podatności dla 'Minimal gallery'

2008-01-15

CVE-2008-0260

minimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to php_info.php, which calls the phpinfo function.

CVE-2008-0259

Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parameters.

Copyright 2024, cxsecurity.com