35 matches found
CVE-2026-57647
Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...
CVE-2026-57647
CVE-2026-57647 concerns the WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin, affected in versions
EUVD-2026-39762
Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...
CVE-2026-57647 WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.6.1 - Local File Inclusion vulnerability
Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...
WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.6.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by endy in WordPress Plugin Panorama Viewer – 360 Degree Image + Video Viewer versions = 1.6.1...
CVE-2026-35455
immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...
CVE-2026-35455
immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...
CVE-2026-35455
Immich (self-hosted photo/video management) has a Stored XSS in the 360° panorama viewer prior to version 2.7.0. An authenticated user can upload an equirectangular image containing crafted text; OCR extracts it and the panorama viewer renders it via innerHTML without sanitization. This allows ar...
CVE-2026-35455 immich has Stored XSS via OCR Text in 360° Panorama Viewer
immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...
CVE-2026-35455 immich has Stored XSS via OCR Text in 360° Panorama Viewer
immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...
EUVD-2026-20583
immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...
immich 跨站脚本漏洞
immich is a high-performance, open-source, self-hosted solution for managing photos and videos. Versions of immich prior to 2.7.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a stored-cross-site scripting flaw within the 360-degree panorama viewer, which could...
PT-2026-31431
immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...
EUVD-2020-17609
Malware in sbrugna...
EUVD-2020-17608
Malware in sbrugna...
CVE-2020-24900
The default installation of Krpano Panorama Viewer version =1.20.8 is prone to Reflected XSS due to insecure XML load in file /viewer/krpano.html, parameter xml...
VulnCheck KEV: CVE-2020-24901
The default installation of Krpano Panorama Viewer version =1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugintest.url...
WordPress Panorama Viewer – 360 Degree Image + Video Viewer Plugin < 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software Panorama Viewer – 360 Degree Image + Video Viewer Type Plugin Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 90a4b4196c3c Credits...
WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.0.7 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin versions = 1.0.7. Solution Update the WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin to the latest available version at least 1.0.8...
WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.0.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin versions = 1.0.7. Solution Update the WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin to the latest available version at leas...