Zenphoto : Security Vulnerabilities, CVEs, Published In 2012 (XSS)

CVE-2012-2641

Cross-site scripting (XSS) vulnerability in Zenphoto before 1.4.3 allows remote attackers to inject arbitrary web script or HTML by triggering improper interaction with an unspecified library.
Max CVSS
4.3
EPSS Score
0.14%
Published
2012-07-05
Updated
2012-07-06

CVE-2012-0995

Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in an external action to zp-core/admin.php, (2) PATH_INTO to an unspecified URL, as demonstrated using /1/, (3) PATH_INFO to zp-core/admin.php, or (4) album parameter to zp-core/admin-edit.php.
Max CVSS
4.3
EPSS Score
0.50%
Published
2012-02-21
Updated
2017-08-29
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close