• IDP Daily Update #1321
  posted: 12/02/08
  
• NSM Daily Update #1321
  posted: 12/02/08
  
• Deep Inspection 5.3r5 and above, 5.4, 6.0 #1321
  posted: 12/02/08
  
• Deep Inspection 5.1, 5.2, 5.3r4 and below #1300
  posted: 12/02/08
  
• Deep Inspection 5.0 #1132
  posted: 04/01/08
  
• Antivirus
  posted: 12/01/08

Text Size:        

• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Thickbox Gallery 'conf/admins.php' Information Disclosure Vulnerability

Severity: MODERATE

Description:

Thickbox Gallery is PHP-based photo-gallery application.

Thickbox Gallery is prone to an information-disclosure vulnerability that occurs in the 'conf/admins.php' script. Specifically, the application discloses usernames and encrypted MD5 password hashes for the affected application.

Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

Thickbox Gallery 2 is vulnerable; other versions may also be affected.

Affected Products:

• Thickbox Gallery 2

References:

• ThickBox: ThickBox Gallery Homepage