Description
Stored cross-site scripting vulnerability in Zenphoto versions prior to 1.6 allows remote a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
Remediation
References
Related Vulnerabilities
Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1584)
WordPress Plugin VaultPress Remote Code Execution (1.9.0)
WordPress MU 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability (1.0 - 2.6)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31778)