Mmgallery : Security Vulnerabilities, CVEs,
mmgallery 1.55 allows remote attackers to obtain sensitive information via a direct request for thumbs.php, which reveals the installation path in various error messages.
Max CVSS
5.0
EPSS Score
0.62%
Published
2006-11-26
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery 1.55 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Max CVSS
6.8
EPSS Score
2.17%
Published
2006-11-26
Updated
2018-10-17
2 vulnerabilities found