Description

Zenphoto 1.4.14 has multiple cross-site scripting (XSS) vulnerabilities via different URL parameters.

Remediation

References

CVE-2018-20140

Related Vulnerabilities

Prototype CVE-2020-27511 Vulnerability (CVE-2020-27511)

SharePoint CVE-2023-33129 Vulnerability (CVE-2023-33129)

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.35)

ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2044)

WordPress Plugin Mobile Domain Multiple Vulnerabilities (1.5.2)

Severity

Medium

Classification

CVE-2018-20140 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities