Minimal Design » Minimal Gallery : Security Vulnerabilities, CVEs,
minimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to php_info.php, which calls the phpinfo function.
Max CVSS
5.0
EPSS Score
0.22%
Published
2008-01-15
Updated
2017-09-29
Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parameters.
Max CVSS
6.4
EPSS Score
0.33%
Published
2008-01-15
Updated
2017-09-29
2 vulnerabilities found