Lucene search
K

4 matches found

0day.today
0day.today
added 2015/12/10 12:0 a.m.43 views

4images 1.7.11 - Multiple Vulnerabilities

Exploit for php platform in category web applications 4images 1.7.11 Code Execution, Path Traversal, SQL Injection, Cross Site Scripting Vulnerabilities Description 4images comes with a HTML Template editor which allows the editing of HTML files. But it will also create a new file if the passed...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.37 views

4images 1.7.11 Path Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product: 4images 1.7.11 Fixed in: 1.7.12 Fixed Version Link: http://www.4homepages.de/download-4images Vendor Website: http://www.4homepages.de/ Vulnerability Type: Path Traversal Remote Exploitable: Yes Reported to vendor:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.37 views

4images 1.7.11 SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: 4images 1.7.11 Fixed in: 1.7.12 Fixed Version Link: http://www.4homepages.de/download-4images Vendor Website: http://www.4homepages.de/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor:...

Exploits0
NVD
NVD
added 2015/10/05 3:59 p.m.24 views

CVE-2015-7708

Cross-site scripting XSS vulnerability in 4images 1.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the catdescription parameter in an updatecat action to admin/categories.php...

4.3CVSS5.7AI score0.01438EPSS
Exploits1References2
Rows per page
Query Builder