BIT-RUM-2022-50806 4images 1.9 - Remote Command Execution (RCE)

4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...

CVE-2022-50806

4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...

CVE-2022-50806

4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...

CVE-2022-50806 4images 1.9 - Remote Command Execution (RCE)

4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...

CVE-2021-27308

A cross-site scripting XSS vulnerability in the admin login panel in 4images version 1.8 allows remote attackers to inject JavaScript via the "redirect" parameter...

PT-2021-17387 · 4Images · 4Images

Name of the Vulnerable Software and Affected Versions: 4images version 1.8 Description: A cross-site scripting XSS issue exists in the admin login panel, allowing remote attackers to inject JavaScript via the redirect parameter. Recommendations: For 4images version 1.8, consider restricting acces...

4images Image Gallery Management System Cross-Site Scripting Vulnerability

4images Image Gallery Management System is a Php, Mysql based platform for managing images and media for the 4images community. A cross-site scripting vulnerability exists in 4images Image Gallery Management System version 1.7.11. An attacker can exploit this vulnerability to steal cookie...

PT-2021-11862 · Unknown · 4Images Image Gallery Management System

Name of the Vulnerable Software and Affected Versions: 4images Image Gallery Management System version 1.7.11 Description: The issue concerns cross-site scripting XSS in the Image URL, allowing an attacker to inject an XSS payload. This payload triggers every time a user visits the affected URL,...

CVE-2009-2131

Cross-site scripting XSS vulnerability in 4images 1.7.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML by providing a crafted userhomepage parameter to member.php, and then posting a comment associated with a picture...