Description
The sanitize_string function in Zenphoto before 1.4.9 does not properly sanitize HTML tags, which allows remote attackers to perform a cross-site scripting (XSS) attack by wrapping a payload in "<<script></script>script>payload<script></script></script>", or in an image tag, with the payload as the onerror event.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Simple Spreadsheet Fetcher for Google Cross-Site Request Forgery (0.3.6)
phpList Other Vulnerability (CVE-2006-5524)
PHP Resource Management Errors Vulnerability (CVE-2006-1991)
WordPress Plugin WP Attachment Export Arbitrary File Download (0.2.3)
MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9403)