Filtered by vendor Tft Gallery
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6347 | 1 Tft Gallery | 1 Tft Gallery | 2024-11-21 | N/A |
| Unrestricted file upload vulnerability in TFT-Gallery allows remote authenticated administrators to upload arbitrary .php files, possibly using admin/index.php. NOTE: this can be leveraged with CVE-2006-1412 to create a remote unauthenticated vector. | ||||
| CVE-2006-1412 | 1 Tft Gallery | 1 Tft Gallery | 2024-11-21 | N/A |
| TFT Gallery 0.10 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the admin password file and obtain password hashes via a direct request to admin/passwd. | ||||
Page 1 of 1.