Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and previous versions allows remote authenticated users to inject arbitrary web script or HTML by providing a crafted user_homepage parameter to member.php, and then posting a comment associated with a picture.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
4homepages 4images 1.7.1 |
||
4homepages 4images 1.7 |
||
4homepages 4images 1.6.1 |
||
4homepages 4images 1.5 |
||
4homepages 4images 1.7.3 |
||
4homepages 4images 1.7.6 |
||
4homepages 4images 1.0 |
||
4homepages 4images 1.7.2 |
||
4homepages 4images 1.6 |
||
4homepages 4images 1.7.5 |
||
4homepages 4images 1.7.4 |
||
4homepages 4images |