Tftgallery » Tftgallery : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter.
Max CVSS
5.0
EPSS Score
7.20%
Published
2009-11-09
Updated
2009-11-09
Cross-site scripting (XSS) vulnerability in settings.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the sample parameter.
Max CVSS
4.3
EPSS Score
0.20%
Published
2009-11-09
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter.
Max CVSS
4.3
EPSS Score
0.13%
Published
2009-11-02
Updated
2009-11-02
3 vulnerabilities found