MiniGal 2 (MG2) 0.5.1 allows remote malicious users to list password protected images via a request to index.php with the list parameter set to * (wildcard) and the page parameter set to all.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thomas rybak minigal 2 0.5.1 |
||
thomas rybak minigal 2 b13 |