Candid Security Vulnerabilities and Issues — Candid CVE List

Lucene search

Nicholas BerryCandid

2 matches found

CVE•added 2011/11/01 10:55 p.m.•38 views

CVE-2010-4978

Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.

4.3CVSS5.9AI score0.02301EPSS

CVE•added 2011/11/01 10:55 p.m.•31 views

CVE-2010-4979

SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter.

7.5CVSS8.7AI score0.00506EPSS