Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:36 a.m.18 views

CVE-2024-46333

An authenticated cross-site scripting XSS vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function...

4.8CVSS5.6AI score0.00284EPSS
Exploits1References1
NVD
NVD
added 2024/09/27 3:15 p.m.28 views

CVE-2024-46333

An authenticated cross-site scripting XSS vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function...

4.8CVSS0.00284EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/27 12:0 a.m.14 views

CVE-2024-46333

An authenticated cross-site scripting XSS vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function...

0.00284EPSS
Exploits1References1
OSV
OSV
added 2024/09/27 12:0 a.m.5 views

CVE-2024-46333

An authenticated cross-site scripting XSS vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function...

4.8CVSS5.7AI score0.00284EPSS
Exploits1References3
CVE
CVE
added 2024/09/27 12:0 a.m.44 views

CVE-2024-46333

CVE-2024-46333: An authenticated XSS in Piwigo v14.5.0 allows injection of arbitrary web scripts/HTML via the Album Name field in Add Album. Affected component is the Album management flow; underlying cause is not detailed in the provided documents. Practical impact is limited to script execution...

4.8CVSS5.8AI score0.00284EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/25 1:15 p.m.2 views

CVE-2022-27428

A stored cross-site scripting XSS vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the albumname parameter...

5.4CVSS6AI score0.00479EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/04/25 12:0 a.m.4 views

GalleryCMS 跨站脚本漏洞

GalleryCMS is a free image gallery CMS based on the CodeIgniter 2.1 framework from Aaron Benson, a US-based individual developer. GalleryCMS v2.0 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation in the albumname parameter in /index.php/album/add for...

5.4CVSS5.6AI score0.00479EPSS
Exploits1References3
Rows per page
Query Builder