Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zenphoto vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-09953
ZENphoto version 1.4.2 suffers from PHP code execution, cross site scripting and remote SQL injection vulnerabilities.
7.5
CVSSv2
CVE-2011-4825
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager prior to 1.1, as used in tinymce prior to 1.4.2, phpMyFAQ 2.6 prior to 2.6.19 and 2.7 prior to 2.7.1, and possibly other products, allows remote malicious users to inject arbitrary PHP cod...
Phpletter Ajax File And Image Manager 1.0
Phpletter Ajax File And Image Manager 0.5.7
Phpletter Ajax File And Image Manager 0.5.5
Phpletter Ajax File And Image Manager 0.5
Phpletter Ajax File And Image Manager
Phpmyfaq Phpmyfaq 2.7.0
Phpmyfaq Phpmyfaq 2.6.10
Phpmyfaq Phpmyfaq 2.6.5
Phpmyfaq Phpmyfaq 2.6.4
Phpmyfaq Phpmyfaq 2.6.3
Phpletter Ajax File And Image Manager 0.9
Phpletter Ajax File And Image Manager 0.7.10
Phpletter Ajax File And Image Manager 0.6.12
Phpmyfaq Phpmyfaq 2.6.18
Phpmyfaq Phpmyfaq 2.6.16
Phpmyfaq Phpmyfaq 2.6.8
Phpmyfaq Phpmyfaq 2.6.6
Phpmyfaq Phpmyfaq 2.6.2
Phpmyfaq Phpmyfaq 2.6.0
Phpletter Ajax File And Image Manager 0.8.24
Phpletter Ajax File And Image Manager 0.8.9
Phpletter Ajax File And Image Manager 0.8.8
6 EDB exploits
7.5
CVSSv2
CVE-2010-4906
SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote malicious users to execute arbitrary SQL commands via the a parameter. NOTE: some of these details are obtained from third party information.
Zenphoto Zenphoto 1.3
Zenphoto Zenphoto 1.3.1.2
1 EDB exploit
4.3
CVSSv2
CVE-2010-4907
Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.3 allows remote malicious users to inject arbitrary web script or HTML via the user parameter. NOTE: the from parameter is already covered by CVE-2009-4562.
Zenphoto Zenphoto 1.3
1 EDB exploit
4.3
CVSSv2
CVE-2009-4562
Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.2.5 allows remote malicious users to inject arbitrary web script or HTML via the from parameter.
Zenphoto Zenphoto 1.2.5
1 EDB exploit
4.3
CVSSv2
CVE-2009-4563
Cross-site request forgery (CSRF) vulnerability in zp-core/admin-options.php in Zenphoto 1.2.5 allows remote malicious users to hijack the authentication of administrators for requests that change the administrative password via the 0-adminpass and 0-adminpass_2 parameters in a s...
Zenphoto Zenphoto 1.2.5
1 EDB exploit
6.8
CVSSv2
CVE-2009-4564
SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote malicious users to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/.
Zenphoto Zenphoto 1.2.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-4566
SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote malicious users to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Zenphoto Zenphoto 1.2.5
1 EDB exploit
4.3
CVSSv2
CVE-2008-6925
Cross-site scripting (XSS) vulnerability in function.php in Zenphoto 1.1.7 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors in the "request logging" feature. NOTE: the provenance of this information is unknown; the details are...
Zenphoto Zenphoto 1.1.7
7.5
CVSSv2
CVE-2007-6666
SQL injection vulnerability in rss.php in Zenphoto 1.1 up to and including 1.1.3 allows remote malicious users to execute arbitrary SQL commands via the albumnr parameter.
Zenphoto Zenphoto 1.1
Zenphoto Zenphoto 1.1.1
Zenphoto Zenphoto 1.1.2
Zenphoto Zenphoto 1.1.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »