3 matches found
CVE-2014-100016
Cross-site scripting XSS vulnerability in photocrati-gallery/ecomm-sizes.php in the Photocrati theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the prodid parameter...
CVE-2014-100016
Cross-site scripting XSS vulnerability in photocrati-gallery/ecomm-sizes.php in the Photocrati theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the prodid parameter...
CVE-2014-100016
The CVE-2014-100016 entry concerns the WordPress Photocrati Theme, specifically the photocrati-gallery/ecomm-sizes.php component, where the prod_id parameter is vulnerable to cross-site scripting (XSS). Root cause: insufficient input validation/sanitization allows injected JavaScript/HTML to be e...