CVE-2009-1650

CVE-2009-1650 affects Shutter 0.1.1: Multiple SQL injection vulnerabilities in photos.php allow remote attackers to inject SQL via albumID, tagID, or photoID parameters to index.html. CVSS v2 base score 7.5 (HIGH) with partial impact on confidentiality, integrity, and availability. No remediation...

CVE-2014-3904

CVE-2014-3904 affects Shutter 0.1.4 (tenfourzero). The vulnerability is a SQL injection in lib/admin.php that enables remote attackers to execute arbitrary SQL commands via unspecified vectors. Impact is described as possible arbitrary SQL execution with administrative context, potentially affect...

CVE-2014-3905

The CVE-2014-3905 issue affects tenfourzero Shutter version 0.1.4. It is described as a cross-site scripting (XSS) vulnerability that could allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. The included sources indicate that an administrator viewing a maliciou...