CVEDB API

Vulnerabilities

Vulnerable Software

4homepages: >> 4images >> 1.7.10 Security Vulnerabilities

CVE-2015-7708

Cross-site scripting (XSS) vulnerability in 4images 1.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat_description parameter in an updatecat action to admin/categories.php.

CVSS Score

4.3

EPSS Score

0.002

Published

2015-10-05

CVE-2012-1021

Cross-site scripting (XSS) vulnerability in admin/categories.php in 4images 1.7.10 allows remote attackers to inject arbitrary web script or HTML via the cat_parent_id parameter in an addcat action.

CVSS Score

4.3

EPSS Score

0.046

Published

2012-02-08

CVE-2012-1022

SQL injection vulnerability in admin/categories.php in 4images 1.7.10 remote attackers to execute arbitrary SQL commands via the cat_parent_id parameter in an addcat action.

CVSS Score

7.5

EPSS Score

0.004

Published

2012-02-08

CVE-2012-1023

Open redirect vulnerability in admin/index.php in 4images 1.7.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter.

CVSS Score

5.8

EPSS Score

0.045

Published

2012-02-08

Page 1

Vulnerabilities

Vulnerable Software

4homepages: >> 4images >> 1.7.10 Security Vulnerabilities

Products

Pricing

Contact Us