2 matches found
CVE-2018-20140
CVE-2018-20140 affects ZenPhoto 1.4.14. The vulnerability is described as multiple cross-site scripting (XSS) flaws exploitable via different URL parameters (e.g., SEARCH_state, SEARCH_country, SEARCH_city). The issue is caused by improper handling of user input in these parameters, enabling inje...
ZenPhoto 1.4.14 Cross Site Scripting
Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14 Information -------------------- Advisory by Netsparker Name: Multiple Cross-Site Scripting Vulnerabilities in ZenPhoto 1.4.14 Affected Software: ZenPhoto Affected Versions: 1.4.14 Homepage: http://www.zenphoto.org/ Vulnerability:...