Cross-Site Scripting Vulnerability in Zenphoto by Zenphoto
CVE-2010-4907

Currently unrated

Key Information:

Vendor

Zenphoto

Status
Zenphoto
Vendor
CVE Published:
8 October 2011

What is CVE-2010-4907?

In Zenphoto version 1.3, a cross-site scripting (XSS) vulnerability exists in the zp-core/admin.php file. This flaw allows remote attackers to execute arbitrary web scripts or HTML by manipulating the user parameter. This vulnerability can lead to compromised web pages and affect site users. It is essential to update affected installations to mitigate potential risks associated with exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/41342
third-party-advisoryx_refsource_SECUNIA
http://packetstormsecurity.org/1009-exploits/zenphoto-sql...
x_refsource_MISC
http://www.securityfocus.com/bid/43021
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.