2 matches found
CVE-2008-1876
CVE-2008-1876 affects VisualPic 0.3.1 and is a PHP remote file inclusion in index.php via a URL in _CONFIG[files][functions_page], allowing arbitrary PHP code execution. The associated connected data confirms a public exploit presence (CANVAS) for VisualPic Include, indicating exploitation toolin...
CVE-2008-3379
CVE-2008-3379 affects Snark VisualPic 0.3.1 and is a cross-site scripting (XSS) vulnerability. The issue arises from insufficient input sanitization of the pic parameter in the default URI, allowing remote attackers to inject arbitrary web script/HTML that executes in the victim’s browser. The vu...