Shodan
Vulnerabilities
Vulnerable Software
Ifoto:  Security Vulnerabilities
CVE-2007-4092
Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. (dot dot) in the dir parameter.
CVSS Score
5.0
EPSS Score
0.037
Published
2007-07-30
CVE-2006-3006
Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter.
CVSS Score
4.3
EPSS Score
0.01
Published
2006-06-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved