Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
383
VMScore

CVE-2018-20140

Published: 21/03/2019 Updated: 21/03/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Zenphoto

Vulnerability Summary

Zenphoto 1.4.14 has multiple cross-site scripting (XSS) vulnerabilities via different URL parameters.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

zenphoto zenphoto 1.4.14

Exploits

Exploit DB: ZenPhoto 1.4.14 Cross Site Scripting
ZenPhoto version 1414 suffers from multiple cross site scripting vulnerabilities ...

Mailing Lists

Full Disclosure: Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1414 <!--X-Subject-Header-End--> <!--X-Head-of-Message--> ...

References

CWE-79https://www.netsparker.com/web-applications-advisories/ns-18-043-cross-site-scripting-in-zenphoto/https://github.com/zenphoto/zenphoto/commit/9db85fcf9cc97887b81f34f03dcb180fd74e57dahttps://github.com/zenphoto/zenphoto/commit/695fb61707e4286b64f6e446c189b449bd07d00ahttp://seclists.org/fulldisclosure/2019/Jan/22http://packetstormsecurity.com/files/151052/ZenPhoto-1.4.14-Cross-Site-Scripting.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/151052/ZenPhoto-1.4.14-Cross-Site-Scripting.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook