PT-2025-4021 · Needyamin · Image Gallery
Maloy Roy Orko
+1
·
Published
2025-01-26
·
Updated
2025-07-21
·
CVE-2025-0721
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
needyamin image gallery version 1.0
Description
A problematic issue has been found in the image gallery function of the file /view.php. The manipulation of the
username argument leads to cross site scripting. It is possible to initiate the attack remotely. The issue has been disclosed to the public and the vendor was contacted but did not respond.Recommendations
needyamin image gallery version 1.0: Update the image gallery function in /view.php to properly sanitize the
username argument and prevent cross site scripting attacks.Exploit
Fix
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Image Gallery