3 matches found
CVE-2015-2948
Cross-site scripting XSS vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2948
Cross-site scripting XSS vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2948
Zenphoto prior to version 1.4.8 contains a cross-site scripting (XSS) vulnerability in the image processor (CVE-2015-2948). This allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentially executing in a user’s browser. The vulnerability affects Zenphoto 1....