4images Security Vulnerabilities and Issues — 4images CVE List

Lucene search

4homepages4images

5 matches found

CVE•added 2021/03/22 3:15 p.m.•93 views

CVE-2021-27308

A cross-site scripting (XSS) vulnerability in the admin login panel in 4images version 1.8 allows remote attackers to inject JavaScript via the "redirect" parameter.

4.8CVSS4.8AI score0.00485EPSS

CVE•added 2009/07/08 3:30 p.m.•47 views

CVE-2009-2380

Cross-site scripting (XSS) vulnerability in includes/functions.php in 4images 1.7 through 1.7.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the url variable.

4.3CVSS5.8AI score0.00329EPSS

CVE•added 2015/10/05 3:59 p.m.•42 views

CVE-2015-7708

Cross-site scripting (XSS) vulnerability in 4images 1.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat_description parameter in an updatecat action to admin/categories.php.

4.3CVSS5.9AI score0.00225EPSS

CVE•added 2012/02/08 12:55 a.m.•41 views

CVE-2012-1021

Cross-site scripting (XSS) vulnerability in admin/categories.php in 4images 1.7.10 allows remote attackers to inject arbitrary web script or HTML via the cat_parent_id parameter in an addcat action.

4.3CVSS5.9AI score0.04593EPSS

CVE•added 2021/01/26 6:15 p.m.•39 views

CVE-2020-35853

4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie a...

4.8CVSS4.7AI score0.00207EPSS