VYPR

Truegalerie

by Truegalerie

CVEs (2)

  • CVE-2003-1488Dec 31, 2003
    risk 0.03cvss epss 0.02

    The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1.

  • CVE-2003-1489Dec 31, 2003
    risk 0.00cvss epss 0.01

    upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery.