Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters.
http://www.vupen.com/english/advisories/2005/1432
http://sourceforge.net/project/shownotes.php?release_id=349348