CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in 4images 1.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the catdescription parameter in an updatecat action to admin/categories.php...

4.3CVSS6AI score0.01438EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:7 p.m.•17 views

CVE-2009-2132

Directory traversal vulnerability in global.php in 4images before 1.7.7, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter...

6.8CVSS7.6AI score0.01903EPSS

Exploits1References1

Packet Storm•added 2015/12/09 12:0 a.m.•36 views

4images 1.7.11 Code Execution

!/usr/local/bin/python Exploit for 4images 1.7.11 Code Execution vulnerability An admin account is required to use this exploit Curesec GmbH import sys import re import argparse import requests requires requests lib parser = argparse.ArgumentParser parser.addargument"url", help="base url to...

7.4AI score

Exploits0

exploitpack•added 2012/01/31 12:0 a.m.•17 views

4Images 1.7.10 - adminindex.php?redirect Arbitrary Site Redirect

4Images 1.7.10 - adminindex.php?redirect Arbitrary Site Redirect source: https://www.securityfocus.com/bid/51774/info 4images is prone to multiple input-validation vulnerabilities including: 1. A cross-site scripting vulnerability. 2. An open-redirection vulnerability. 3. An SQL-injection...

7.4AI score

Exploits0

Packet Storm•added 2011/04/16 12:0 a.m.•20 views

4images 1.7.9 Blind SQL Injecton / Remote File Inclusion

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Exploits0

seebug.org•added 2009/06/12 12:0 a.m.•96 views

4images <= 1.7.7 Filter Bypass HTML Injection/XSS Vulnerability

No description provided by source. || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: 4images = 1.7.7 - filter bypass HTML injection/XSS =INFO: =BUY: =DORK: -=/:Conditions:=-...

7.1AI score

Exploits0

exploitpack•added 2006/10/08 12:0 a.m.•43 views

4Images 1.7.x - search.php SQL Injection

4Images 1.7.x - search.php SQL Injection !/usr/bin/php //search.php?searchuser=x%2527%20union%20select%20userpassword%20from%204imagesusers%20where%20username=%2527ADMIN w4ck1ng - w4ck1ng.com / if!$argv3 die"Usage: php $argv0 host path options table prefix user id\n Options: -d: Determine table...

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by