Davlin: Security Vulnerabilities
Directory traversal vulnerability in index.php in Thickbox Gallery 2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ln parameter.
CVSS Score
6.8
EPSS Score
0.015
Published
2009-05-12
Davlin Thickbox Gallery 2 allows remote attackers to obtain the administrative username and MD5 password hash via a direct request to conf/admins.php.
CVSS Score
5.0
EPSS Score
0.022
Published
2008-08-29