CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phpalbum: >> Phpalbum >> 0.4.1.16 Security Vulnerabilities

CVE-2011-4806

Multiple cross-site scripting (XSS) vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) var1 and (2) keyword parameters.

CVSS Score

4.3

EPSS Score

0.004

Published

2011-12-14

CVE-2011-4807

Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter.

CVSS Score

5.0

EPSS Score

0.04

Published

2011-12-14

Page 1

Vulnerabilities

Vulnerable Software

Phpalbum: >> Phpalbum >> 0.4.1.16 Security Vulnerabilities

Products

Pricing

Contact Us