vendor:
Thumbnail Gallery Post 1b
by:
ThE g0bL!N
9,3
CVSS
HIGH
Remote File Upload
434
CWE
Product Name: Thumbnail Gallery Post 1b
Affected Version From: 1b
Affected Version To: 1b
Patch Exists: Yes
Related CWE: N/A
CPE: a:mrcgiguy:thumbnail_gallery_post_1b
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
MRCGIGUY Thumbnail Gallery Post 1b Remote File Upload Vuln
A vulnerability in MRCGIGUY Thumbnail Gallery Post 1b allows an attacker to upload a malicious file to the server. The attacker can then access the malicious file by visiting the URL of the uploaded file. This vulnerability is due to insufficient validation of user-supplied input in the 'submit.cgi' script. An attacker can exploit this vulnerability to upload arbitrary files to the server, which can lead to arbitrary code execution.
Mitigation:
The vendor has released a patch to address this vulnerability. Users should upgrade to the latest version of MRCGIGUY Thumbnail Gallery Post 1b.
