Php photo gallery TWG | JFUploader | TWG Flash upload | WFU | Forum https://www.tinywebgallery.com/forum/ |
|
Tiny Web Gallery Index.PHP Cross-Site Scripting Vulnerabilit https://www.tinywebgallery.com/forum/viewtopic.php?f=5&t=343 |
Page 1 of 1 |
Author: | sandyreddy [ 1. Jun 2006, 00:17 ] |
Post subject: | Tiny Web Gallery Index.PHP Cross-Site Scripting Vulnerabilit |
Hey Micheal, I am using your TWG gallery on my personal site and I came across this vulnerablity when searching for twg on google. http://www.securityfocus.com/bid/17536 Can anyone tell me what are the worst consequenses of this vulnerabilty. Is there any patch released for this? Thank you, Sandy |
Author: | TinyWebGallery [ 1. Jun 2006, 09:10 ] |
Post subject: | |
Hi, It's already patched! Just use 1.4.2! See http://secunia.com/advisories/19660/ All input fileds are now checked about any scripting code! You can try the exploit in the online demos of TWG if you like. /Michael |
Page 1 of 1 | All times are UTC + 1 hour [ DST ] |
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |