Vulnerabilities (CVE)

Filtered by vendor Minimal Design Subscribe
Filtered by product Minimal Gallery
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0260 1 Minimal Design 1 Minimal Gallery 2024-11-21 5.0 MEDIUM N/A
minimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to php_info.php, which calls the phpinfo function.
CVE-2008-0259 1 Minimal Design 1 Minimal Gallery 2024-11-21 6.4 MEDIUM N/A
Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parameters.