Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 11 May 2016 16:28:57 -0300
From: Oliveira Lima <>
Subject: Request CVE ID for Simple Photo Gallery 1.8.0 - Stored XSS

request CVE ID for Simple Photo Gallery <= 1.8.0 - Stored Cross-Site
Scripting (XSS)


The plugin allows the execution of malicious codes on name input of the
gallery and album.

Proof of Concept URL

Report Timeline
26-April-2016- Reported
27-April-2016- Vendor Response
27 -April-2016- Vendor Fixed
28-April-2016- Public disclosed

Vendo Reference



Oliveira Lima Jr
Linkedin <>
@oliveiralimajr <>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.