10 matches found
CVE-2020-35853
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...
BIT-RUM-2020-35853
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...
Cross site scripting
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...
CVE-2020-35853
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...
CVE-2020-35853
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL, allowing an attacker to inject a payload that can trigger on user visits and potentially steal cookies. The connected PT-2021-11862 entry confirms the issue and recommends updating to a vers...
4images 1.7.13 SQL Injection
vulnerable app : 4images query$sql; Input parameter orderby is not sanitized before being passed to the sql query which lead to sql injection flaw POC GET /lab/4images1.7.13/4images/admin/validateimages.php?action=validateimages&orderby=extractvalue1,concat0x7e,version&direction=ASC&limitnumber=1...
4images - Image Gallery Management System - [CSRF] Change mail user or admin
No description provided by source. Title: 4images - Image Gallery Management System - CSRF Change mail user or admin Author: Dmar al3noOoz Mail : wafeesathotmail.com Name : 4images - Image Gallery Management System dork : Google Dork: 4images - Image Gallery Management System Software Link :...
4Images Image Gallery Management System - Cross-Site Request Forgery
Title: 4images - Image Gallery Management System - CSRF Change mail user or admin Author: Dmar al3noOoz Mail : wafeesathotmail.com Name : 4images - Image Gallery Management System dork : Google Dork: "4images - Image Gallery Management System" Software Link : http://www.4homepages.de Version: 1.7...
4Images 1.7.7 Cross Site Request Forgery
Title: 4images - Image Gallery Management System - CSRF Change mail user or admin Author: Dmar al3noOoz Mail : wafeesathotmail.com Name : 4images - Image Gallery Management System dork : Google Dork: "4images - Image Gallery Management System" Software Link : http://www.4homepages.de Version: 1.7...
4Images <= 1.7.1 index.php template Parameter Traversal Local File Inclusion
4Images is installed on the remote system. It is an image gallery management system. The installed application does not validate user-input passed in the 'template' variable of the 'index.php' file. This allows an attacker to execute directory traversal attacks and display the content of sensitiv...