Summary
This host is installed with TFT Gallery and is prone to cross-site scripting and directory traversal vulnerabilities.
Impact
Successful exploitation will allow remote attackers to disclose sensitive information and conduct cross-site scripting attacks.
Impact Level: Application
Solution
Upgrade to version 0.13.1 or later.
For updates refer to http://www.tftgallery.org
Insight
- Input passed via the 'sample' parameter to settings.php is not properly sanitised before being returned to the user. This can be exploited to inject arbitrary HTML and script code into the page served to a victim (reflected cross-site scripting).
- Input passed via the 'album' parameter to index.php is not properly verified before being used to include files. This can be exploited to include arbitrary local files via directory traversal sequences ('../'), with a URL-encoded NULL byte (%00) used to cut off any file extension the application appends to the supplied name.
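The two patterns described above, as an added illustration in PHP. This is not TFT Gallery's own code: the parameter names 'sample' and 'album' come from the advisory, while the file layout (an albums/ directory holding one PHP file per album) and the function names are assumptions made for the example. Each vulnerable form is shown beside a hardened form.

```php
<?php
// Added illustration, not TFT Gallery's own code. Parameter names come from
// the advisory; the albums/ layout and function names are assumptions.

// --- 1. Reflected XSS via 'sample' (settings.php) ---

// Vulnerable: the parameter is echoed back unencoded, so
// ?sample=<script>alert(1)</script> runs in the viewer's browser.
function renderSampleVulnerable(array $get): string
{
    $sample = $get['sample'] ?? '';
    return "<p>Sample: " . $sample . "</p>";
}

// Hardened: HTML-encode on output. ENT_QUOTES also encodes ' and ", so the
// value is safe inside quoted attributes, not only in text nodes.
function renderSampleSafe(array $get): string
{
    $sample = $get['sample'] ?? '';
    return "<p>Sample: "
        . htmlspecialchars($sample, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . "</p>";
}

// --- 2. Directory traversal via 'album' (index.php) ---

// Vulnerable: the value is concatenated into an include path. On PHP older
// than 5.3.4 a NUL byte terminated the path, so ?album=../../../../etc/passwd%00
// resolved to /etc/passwd instead of ".../etc/passwd.php".
function albumPathVulnerable(string $albumsDir, array $get): string
{
    return $albumsDir . '/' . $get['album'] . '.php';
}

// Hardened: accept only a simple name, then confirm the resolved path still
// lies inside the albums directory. Returns null on any failure.
function albumPathSafe(string $albumsDir, array $get): ?string
{
    $album = $get['album'] ?? '';
    // Allowlist: letters, digits, underscore, hyphen. Excludes '/', '\', '.' and NUL.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $album)) {
        return null;
    }
    $base = realpath($albumsDir);
    $path = realpath($albumsDir . '/' . $album . '.php');
    // realpath() returns false for a missing file; the prefix check also
    // catches a symlink inside albums/ that points outside it.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed attacker-controlled query parameters for demonstration:
$attack = [
    'sample' => '<script>alert(1)</script>',
    'album'  => "../../../../etc/passwd\0",
];
echo renderSampleVulnerable($attack), "\n";          // script tag passes through
echo renderSampleSafe($attack), "\n";                // &lt;script&gt;... is inert
var_dump(albumPathVulnerable('albums', $attack));    // traversal and NUL in the path
var_dump(albumPathSafe('albums', $attack));          // NULL: request rejected
```

The allowlist does the real work; the realpath() prefix check is defence in depth for the case where album names are later allowed to come from somewhere less constrained. Modern PHP rejects NUL bytes in include paths regardless, but the traversal itself is unaffected by that fix, so the validation is still required.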
Affected
TFT Gallery version 0.13 and prior on all platforms.
References
CVE-2009-3911, CVE-2009-3912
Severity
CVSS Base Score: 5.0 (Medium)
CVSS Base Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Note: the vector scores the file disclosure (C:P) from the directory traversal; the cross-site scripting issue on its own would carry an integrity-only impact (I:P) and a lower score.