Gallarific Cross Site Scripting and Authentication Bypass Vulnerabilities

Gallarific Cross Site Scripting and Authentication Bypass Vulnerabilities

An attacker can exploit these issues through a browser. To exploit a cross-site scripting vulnerability, the attacker must entice an unsuspecting victim into following a malicious URI.

The following proof-of-concept URIs are available:

http://www.example.com/gadmin/gallery.php?task=delete&amp;id=1
http://www.example.com/gadmin/gallery.php?task=edit&amp;id=1

The following examples and exploit are also available:

/data/vulnerabilities/exploits/28163.html
/data/vulnerabilities/exploits/28163-2.html