Description
Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file.
Remediation
References
Related Vulnerabilities
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10130)
WordPress Plugin Magic Fields 2 Cross-Site Scripting (2.3.2.4)
Oracle Database Server CVE-2010-0853 Vulnerability (CVE-2010-0853)
WeBid Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7118)
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)