CVE-2012-2910

2012-05-21T14:55:07
ID CVE-2012-2910
Type cve
Reporter NVD
Modified 2017-08-28T21:31:45

Description

Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware phpThumb() 1.7.11 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter to demo/phpThumb.demo.random.php or (2) title parameter to demo/phpThumb.demo.showpic.php.