Davlin Thickbox Gallery vulnerabilities
2 known vulnerabilities affecting davlin/thickbox_gallery.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-1625P3MEDIUMCVSS 6.8PoCv22009-05-12
CVE-2009-1625 [MEDIUM] CWE-22 CVE-2009-1625: Directory traversal vulnerability in index.php in Thickbox Gallery 2 allows remote attackers to incl
Directory traversal vulnerability in index.php in Thickbox Gallery 2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ln parameter.
nvd
CVE-2008-3859P3MEDIUMCVSS 5.0PoCv22008-08-29
CVE-2008-3859 [MEDIUM] CWE-255 CVE-2008-3859: Davlin Thickbox Gallery 2 allows remote attackers to obtain the administrative username and MD5 pass
Davlin Thickbox Gallery 2 allows remote attackers to obtain the administrative username and MD5 password hash via a direct request to conf/admins.php.
nvd