Vulnerabilities (CVE)

Filtered by vendor Tftgallery Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3912 1 Tftgallery 1 Tftgallery 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter.
CVE-2009-3911 1 Tftgallery 1 Tftgallery 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in settings.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the sample parameter.
CVE-2009-3833 1 Tftgallery 1 Tftgallery 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter.