CVE-2008-6211

mcgallery 1.1 - Cross-Site Scripting via lang Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 7 public exploits for CVE-2008-6211. PoCs published by K-9999.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in mcGallery 1.1 by injecting a malicious script into the 'lang' parameter of stats.php. The script executes arbitrary JavaScript in the context of the affected site, potentially stealing cookies.

Description

Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (7)

exploitdb WORKING POC VERIFIED
by K-9999 · textwebappsphp
https://www.exploit-db.com/exploits/31599

This exploit demonstrates a cross-site scripting (XSS) vulnerability in mcGallery 1.1 by injecting a malicious script into the 'lang' parameter of stats.php. The script executes arbitrary JavaScript in the context of the affected site, potentially stealing cookies.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: mcGallery 1.1
No auth needed
Prerequisites: Access to the target URL with the vulnerable parameter
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by K-9999 · textwebappsphp
https://www.exploit-db.com/exploits/31602

This exploit demonstrates a cross-site scripting (XSS) vulnerability in mcGallery 1.1 by injecting a malicious script via the 'lang' parameter in the show.php file. The script executes arbitrary JavaScript in the context of the affected site, potentially stealing cookie-based authentication credentials.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: mcGallery 1.1
No auth needed
Prerequisites: Access to the vulnerable mcGallery instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by K-9999 · textwebappsphp
https://www.exploit-db.com/exploits/31598

This exploit demonstrates a cross-site scripting (XSS) vulnerability in mcGallery 1.1 by injecting a malicious script via the 'lang' parameter in sess.php. The script executes arbitrary JavaScript in the context of the affected site, potentially stealing cookies.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: mcGallery 1.1
No auth needed
Prerequisites: Access to the target URL with the vulnerable parameter
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by K-9999 · textwebappsphp
https://www.exploit-db.com/exploits/31601

This exploit demonstrates a cross-site scripting (XSS) vulnerability in mcGallery 1.1 by injecting a malicious script via the 'lang' parameter in resize.php. The script executes arbitrary JavaScript in the context of the affected site, potentially stealing cookies.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: mcGallery 1.1
No auth needed
Prerequisites: Access to the vulnerable mcGallery instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by K-9999 · textwebappsphp
https://www.exploit-db.com/exploits/31597

This exploit demonstrates a cross-site scripting (XSS) vulnerability in mcGallery 1.1 by injecting a malicious script via the 'lang' parameter in the URL. The script executes arbitrary JavaScript in the context of the affected site, potentially stealing cookie-based authentication credentials.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: mcGallery 1.1
No auth needed
Prerequisites: Access to the target application's URL
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by K-9999 · textwebappsphp
https://www.exploit-db.com/exploits/31600

This exploit demonstrates a reflected XSS vulnerability in mcGallery 1.1 by injecting a malicious script via the 'lang' parameter in detail.php. The PoC uses a simple JavaScript alert to confirm the vulnerability.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: mcGallery 1.1
No auth needed
Prerequisites: Access to the vulnerable mcGallery instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by K-9999 · textwebappsphp
https://www.exploit-db.com/exploits/31596

The provided text describes a cross-site scripting (XSS) vulnerability in mcGallery 1.1, where user-supplied input is not properly sanitized. The example demonstrates a reflected XSS attack via the 'lang' parameter in admin.php.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: mcGallery 1.1
No auth needed
Prerequisites: Access to the vulnerable admin.php endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28587
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41637

Scores

EPSS 0.0148
EPSS Percentile 70.5%

Details

CWE
CWE-79
Status published
Products (1)
mcgallerypro/mcgallery 1.1
Published Feb 20, 2009
Tracked Since Feb 18, 2026