CVE-2005-3432

MiniGal 2 (MG2) <0.5.1 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3432. PoCs published by Preben Nylokken.

AI-analyzed exploit summary The exploit describes an authentication bypass vulnerability in MG2 image gallery software. By manipulating the 'list' and 'page' parameters in the URL, attackers can bypass password protection and access restricted image galleries.

Description

MiniGal 2 (MG2) 0.5.1 allows remote attackers to list password protected images via a request to index.php with the list parameter set to * (wildcard) and the page parameter set to all.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Preben Nylokken · textwebappsphp
https://www.exploit-db.com/exploits/26436

The exploit describes an authentication bypass vulnerability in MG2 image gallery software. By manipulating the 'list' and 'page' parameters in the URL, attackers can bypass password protection and access restricted image galleries.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: MG2 (all versions), likely Minigal B13
No auth needed
Prerequisites: Access to the target MG2 web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=113063215507210&w=2
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15235
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/128
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17374/

Scores

EPSS 0.0287
EPSS Percentile 85.0%

Details

Status published
Products (2)
thomas_rybak/minigal_2 0.5.1
thomas_rybak/minigal_2 b13
Published Nov 02, 2005
Tracked Since Feb 18, 2026