Description
Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier allows a remote attacker with an administrative privilege to execute arbitrary code or obtain sensitive information.
Remediation
References
Related Vulnerabilities
WordPress Plugin Slimstat Analytics Cross-Site Scripting (3.9.1)
WordPress Plugin Auto Group Join Cross-Site Scripting (1.0)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.24)
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-17774)
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)