7 matches found
CVE-2024-46333
An authenticated cross-site scripting XSS vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function...
CVE-2024-46333
An authenticated cross-site scripting XSS vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function...
CVE-2024-46333
An authenticated cross-site scripting XSS vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function...
CVE-2024-46333
An authenticated cross-site scripting XSS vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function...
CVE-2024-46333
CVE-2024-46333: An authenticated XSS in Piwigo v14.5.0 allows injection of arbitrary web scripts/HTML via the Album Name field in Add Album. Affected component is the Album management flow; underlying cause is not detailed in the provided documents. Practical impact is limited to script execution...
CVE-2022-27428
A stored cross-site scripting XSS vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the albumname parameter...
GalleryCMS 跨站脚本漏洞
GalleryCMS is a free image gallery CMS based on the CodeIgniter 2.1 framework from Aaron Benson, a US-based individual developer. GalleryCMS v2.0 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation in the albumname parameter in /index.php/album/add for...