Description
Cross-site scripting (XSS) vulnerability in thumbs.php in mmgallery 1.55 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Al7ejaz Hacker · textwebappsphp
https://www.exploit-db.com/exploits/29177
References (5)
Core 5
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21281
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/1917
Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1017283
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/452558/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23130
Scores
EPSS
0.0051
EPSS Percentile
66.6%
Details
Status
published
Products (1)
mmgallery/mmgallery
1.55
Published
Nov 26, 2006
Tracked Since
Feb 18, 2026