CVE-2010-5302
TimThumb vulnerability CVE-2010-5302 affects the timthumb.php component in TimThumb (versions before 1.15, as of 2010-09-08 r88). The root cause is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING. The affected software is ...