CNNVD-202602-1909 Information

CNNVD ID

CNNVD-202602-1909

Related CVE

CVE-2026-25868

• CNNVD Published: 2026-02-11

Description (Chinese)

MiniGal Nano是rybber个人开发者的一个PHP相册程序。 MiniGal Nano 0.3.5及之前版本存在跨站脚本漏洞，该漏洞源于index.php中dir参数存在反射型跨站脚本，可能导致在受害者浏览器中执行任意脚本。

Description (English)

MiniGal Nano is a PHP album program for rybber personal developers. MiniGal Nano 0.3.5 and previous versions had a cross-site script loophole, which stemmed from the reflection-type cross-site script of the dir parameter in index.php, which could lead to the implementation of any script in the victim browser.

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2026-02-11

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/minigal-nano-reflected-xss-via-dir-parameter https://sourceforge.net/projects/minigalnano/ http://www.minigal.dk/minigal-nano.html https://web.archive.org/web/20180330004313/ https://access.redhat.com/security/cve/cve-2026-25868