3 matches found
CVE-2009-5142
Technical details of CVE-2009-5142 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2010-5303
CVE-2010-5303 describes a cross-site scripting (XSS) vulnerability in TimThumb before 1.15 (r85), specifically in the displayError function, where an attacker could inject arbitrary script/HTML via $errorString. Affected: TimThumb core used in multiple products. Impact: remote abuse of XSS. Mitig...
CVE-2010-5302
TimThumb vulnerability CVE-2010-5302 affects the timthumb.php component in TimThumb (versions before 1.15, as of 2010-09-08 r88). The root cause is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING. The affected software is ...