Summary
This host is installed with TFT Gallery and is prone to Cross-Site Scripting and Directory Traversal vulnerabilities.
Impact
Successful exploitation will allow remote attackers to disclose sensitive information and conduct cross-site scripting attacks.
Impact Level: Application
Solution
Upgrade to version 0.13.1 or later.
For updates refer to http://www.tftgallery.org
Insight
- Input passed via the 'sample' parameter to settings.php is not properly sanitised before being returned to the user. This can be exploited to inject arbitrary HTML and script code into the response, i.e. to conduct reflected cross-site scripting attacks.
- Input passed via the 'album' parameter to index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences ('../') combined with URL-encoded NULL bytes (%00).
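The two flaws above leave recognisable traces in web server access logs. As an added example that is not part of this advisory or of TFT Gallery, the following Python script scans constructed Common Log Format lines for the traversal and script-injection patterns the Insight section describes, undoing repeated percent-encoding so that %00 and double-encoded '../' sequences are not missed. The log lines, client addresses and paths are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines in Common Log Format; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Nov/2009:10:01:02 +0000] "GET /gallery/index.php?album=holiday HTTP/1.1" 200 5120
10.0.0.7 - - [12/Nov/2009:10:01:09 +0000] "GET /gallery/index.php?album=../../../etc/passwd%00 HTTP/1.1" 200 1842
10.0.0.7 - - [12/Nov/2009:10:01:15 +0000] "GET /gallery/index.php?album=..%252F..%252Fetc%252Fpasswd%2500 HTTP/1.1" 200 1842
10.0.0.9 - - [12/Nov/2009:10:02:30 +0000] "GET /gallery/settings.php?sample=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 900
10.0.0.9 - - [12/Nov/2009:10:02:41 +0000] "GET /gallery/settings.php?sample=blue HTTP/1.1" 200 900
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def fully_decode(value):
    # Undo repeated percent-encoding (%252F -> %2F -> /) so double-encoded probes are caught.
    while (decoded := unquote(value)) != value:
        value = decoded
    return value

def suspicious_album(value):
    # Directory traversal: a '..' path segment in either separator style, or an embedded NUL byte.
    segments = value.replace('\\', '/').split('/')
    return '..' in segments or '\x00' in value

def suspicious_sample(value):
    # Reflected XSS probe: markup or a script-scheme URL in a value that should be a plain name.
    return '<' in value or 'javascript:' in value.lower()

# Script name -> (parameter the advisory names, check to apply, reason to report).
CHECKS = {
    'index.php': ('album', suspicious_album, 'directory traversal'),
    'settings.php': ('sample', suspicious_sample, 'cross-site scripting'),
}

def scan_log(log_text):
    # Return (client_ip, script, parameter, reason) for each request that trips a check.
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group('target'))
        script = parts.path.rsplit('/', 1)[-1]
        if script not in CHECKS:
            continue
        param, check, reason = CHECKS[script]
        # parse_qs decodes one layer; fully_decode strips any further layers.
        for raw in parse_qs(parts.query, keep_blank_values=True).get(param, []):
            if check(fully_decode(raw)):
                findings.append((m.group('ip'), script, param, reason))
    return findings
```

Running `scan_log(SAMPLE_LOG)` flags the two traversal requests from 10.0.0.7 (plain and double-encoded) and the script-injection request from 10.0.0.9, while the two benign requests pass.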
Affected
TFT Gallery version 0.13 and prior on all platforms.
References
- CVE-2009-3911, CVE-2009-3912
Severity
- CVSS Base Score: 5.0
- CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N