Description

Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.

Remediation

References

CVE-2010-4693

Related Vulnerabilities

WordPress Plugin Acunetix Secure WordPress Cross-Site Request Forgery (3.0.2)

WordPress Plugin Theme Editor Multiple Vulnerabilities (2.1)

phpBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-7143)

Liferay Portal Insufficiently Protected Credentials Vulnerability (CVE-2021-29043)

WordPress Plugin AccessAlly PHP Code Execution (3.3.1)

Severity

Medium

Classification

CVE-2010-4693 CWE-707

Tags

Missing Update Known Vulnerabilities