Description
Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote attackers to execute arbitrary PHP code via the viewer_size_image_saved cookie.
Remediation
References
Related Vulnerabilities
AngularJS Inefficient Regular Expression Complexity Vulnerability (CVE-2023-26116)
WordPress Plugin Nextend Twitter Connect Cross-Site Scripting (1.5.1)
Drupal Core Remote Code Execution (8.0.0 - 9.2.21)
WordPress Plugin Traffic Manager Multiple Vulnerabilities (1.4.5)
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-9850)