Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:45 p.m.10 views

CVE-2020-35853

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...

4.8CVSS5.2AI score0.00591EPSS
Exploits1
OSV
OSV
added 2024/03/06 11:4 a.m.33 views

BIT-RUM-2020-35853

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...

4.8CVSS4.7AI score0.00591EPSS
Exploits1References2
Prion
Prion
added 2021/01/26 6:15 p.m.21 views

Cross site scripting

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...

3.5CVSS4.7AI score0.00591EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/01/25 2:40 p.m.37 views

CVE-2020-35853

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting XSS in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie...

4.8AI score0.00591EPSS
Exploits1References1
CVE
CVE
added 2021/01/25 2:40 p.m.57 views

CVE-2020-35853

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL, allowing an attacker to inject a payload that can trigger on user visits and potentially steal cookies. The connected PT-2021-11862 entry confirms the issue and recommends updating to a vers...

4.8CVSS4.7AI score0.00591EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2016/11/10 12:0 a.m.41 views

4images 1.7.13 SQL Injection

vulnerable app : 4images query$sql; Input parameter orderby is not sanitized before being passed to the sql query which lead to sql injection flaw POC GET /lab/4images1.7.13/4images/admin/validateimages.php?action=validateimages&orderby=extractvalue1,concat0x7e,version&direction=ASC&limitnumber=1...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

4images - Image Gallery Management System - [CSRF] Change mail user or admin

No description provided by source. Title: 4images - Image Gallery Management System - CSRF Change mail user or admin Author: Dmar al3noOoz Mail : wafeesathotmail.com Name : 4images - Image Gallery Management System dork : Google Dork: 4images - Image Gallery Management System Software Link :...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/03/13 12:0 a.m.20 views

4Images Image Gallery Management System - Cross-Site Request Forgery

Title: 4images - Image Gallery Management System - CSRF Change mail user or admin Author: Dmar al3noOoz Mail : wafeesathotmail.com Name : 4images - Image Gallery Management System dork : Google Dork: "4images - Image Gallery Management System" Software Link : http://www.4homepages.de Version: 1.7...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/03/13 12:0 a.m.31 views

4Images 1.7.7 Cross Site Request Forgery

Title: 4images - Image Gallery Management System - CSRF Change mail user or admin Author: Dmar al3noOoz Mail : wafeesathotmail.com Name : 4images - Image Gallery Management System dork : Google Dork: "4images - Image Gallery Management System" Software Link : http://www.4homepages.de Version: 1.7...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/03/06 12:0 a.m.147 views

4Images <= 1.7.1 index.php template Parameter Traversal Local File Inclusion

4Images is installed on the remote system. It is an image gallery management system. The installed application does not validate user-input passed in the 'template' variable of the 'index.php' file. This allows an attacker to execute directory traversal attacks and display the content of sensitiv...

7.5CVSS6AI score0.09758EPSS
Exploits0References3
Rows per page
Query Builder