Php photo gallery TWG | JFUploader | TWG Flash upload | WFU | Forum
https://www.tinywebgallery.com/forum/

Tiny Web Gallery Index.PHP Cross-Site Scripting Vulnerabilit
https://www.tinywebgallery.com/forum/viewtopic.php?f=5&t=343
Page 1 of 1

Author:  sandyreddy [ 1. Jun 2006, 00:17 ]
Post subject:  Tiny Web Gallery Index.PHP Cross-Site Scripting Vulnerabilit

Hey Micheal,

I am using your TWG gallery on my personal site and I came across this vulnerablity when searching for twg on google.

http://www.securityfocus.com/bid/17536

Can anyone tell me what are the worst consequenses of this vulnerabilty.

Is there any patch released for this?

Thank you,

Sandy

Author:  TinyWebGallery [ 1. Jun 2006, 09:10 ]
Post subject: 

Hi,

It's already patched! Just use 1.4.2!
See http://secunia.com/advisories/19660/

All input fileds are now checked about any scripting code!
You can try the exploit in the online demos of TWG if you like.

/Michael

Page 1 of 1 All times are UTC + 1 hour [ DST ]
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/