Vulnerabilities > Tinywebgallery > Tinywebgallery > 1.7.8.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-03 | CVE-2013-2631 | Information Exposure vulnerability in Tinywebgallery TinyWebGallery (TWG) 1.8.9 and earlier contains a full path disclosure vulnerability which allows remote attackers to obtain sensitive information through the parameters "twg_browserx" and "twg_browsery" in the page image.php. | 5.3 |
| 2020-01-09 | CVE-2012-2931 | Injection vulnerability in Tinywebgallery PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file. | 7.2 |