EUVD-2009-2128

Malware in sbrugna...

EUVD-2012-1060

Malware in sbrugna...

EUVD-2009-2127

Malware in sbrugna...

EUVD-2021-14069

Malware in sbrugna...

EUVD-2006-5221

Malware in sbrugna...

EUVD-2006-2215

Malware in sbrugna...

EUVD-2009-2376

Malware in sbrugna...

EUVD-2012-1059

Malware in sbrugna...

EUVD-2015-7609

Malware in sbrugna...

EUVD-2006-2012

Malware in sbrugna...

EUVD-2012-1061

Malware in sbrugna...

CVE-2015-7708

Cross-site scripting XSS vulnerability in 4images 1.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the catdescription parameter in an updatecat action to admin/categories.php...

CVE-2009-2132

Directory traversal vulnerability in global.php in 4images before 1.7.7, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter...

BIT-RUM-2020-35853

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...

BIT-RUM-2021-27308

A cross-site scripting XSS vulnerability in the admin login panel in 4images version 1.8 allows remote attackers to inject JavaScript via the "redirect" parameter...

4images 1.9 - Remote Command Execution Vulnerability

Exploit Title: 4images 1.9 - Remote Command Execution RCE Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.9 Tested on: Ubuntu 20.04 To reproduce do the following: 1. Login as administrator user 2. Browse to "General" - " Edit Templates" - "Selec...

4images 1.9 - Remote Command Execution (RCE)

Exploit Title: 4images 1.9 - Remote Command Execution RCE Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.9 Tested on: Ubuntu 20.04 To reproduce do the following: 1. Login as administrator user 2. Browse to "General" - " Edit Templates" - "Selec...

4images 1.9 Remote Command Execution Vulnerability

Exploit Title: 4images 1.9 - Remote Command Execution Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.9 Tested on: Ubuntu 20.04 To reproduce do the following: 1. Login as administrator user 2. Browse to "General" - " Edit Templates" - "Select...

4images 1.8 - 'limitnumber' SQL Injection (Authenticated)

Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...

4Images 1.8 - (redirect) Reflected XSS Vulnerability

Exploit Title: 4Images 1.8 - 'redirect' Reflected XSS Exploit Author: Piyush Patil Vendor Homepage: https://www.4homepages.de/ Software Link: https://www.4homepages.de/?download=4images1.8.zip&code=81da0c7b5208e172ea83d879634f51d6 Version: 4Images Gallery 1.8 Tested on: Windows 10 and Kali CVE :...