4 matches found
CVE-2009-4266
CVE-2009-4266 is a Cross-Site Scripting (XSS) vulnerability in the YABSoft AIHS Script, affecting search.php. The issue allows remote attackers to inject arbitrary web script or HTML via the text parameter in AIHS Script 2.2 (and possibly 2.3). The vulnerability is documented with a MEDIUM severi...
CVE-2008-2536
CVE-2008-2536 is a SQL injection in the Out.php of YABSoft Advanced Image Hosting (AIH) Script 2.1 and earlier. The vulnerability allows remote attackers to execute arbitrary SQL commands via the t parameter. Documented impact per NVD indicates a base score of 7.5 (HIGH) with network attack vecto...
CVE-2009-1032
CVE-2009-1032 refers to a SQL injection vulnerability in gallery_list.php of YABSoft Advanced Image Hosting (AIHS) Script 2.3 , where the gal parameter can be exploited to execute arbitrary SQL commands. Multiple sources (NVD, OpenVAS entries) corroborate that this vulnerability affects the AIHS,...
CVE-2012-6039
CVE-2012-6039 affects the YABSoft Advanced Image Hosting (AIH) Script, likely version 2.3. The vulnerability is a SQL injection in view_comments.php exploitable via the gal parameter, enabling remote attackers to execute arbitrary SQL commands. Root cause is an input-driven SQL query without prop...