Podatność CVE-2015-5592

Podatność CVE-2015-5592

Publikacja: 2019-12-31

Opis:

Typ:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
4.3/10	2.9/10	8.6/10

Affected software
Zenphoto -> Zenphoto

http://packetstormsecurity.com/files/132667/ZenPhoto-1.4.8-XSS-SQL-Injection-Traversal.html

http://software-talk.org/blog/2015/07/second-order-sql-injection-reflected-xss-path-traversal-function-execution-vulnerability-zenphoto/

http://www.zenphoto.org/news/zenphoto-1.4.9

https://www.openwall.com/lists/oss-security/2015/07/18/3