Description
Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) a parameter in i.php, and the (2) album and (3) image parameters in index.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Support Plus Responsive Ticket System Security Bypass (7.1.4)
OpenSSL Resource Management Errors Vulnerability (CVE-2008-1678)
WordPress Plugin WooCommerce Unspecified Vulnerability (3.9.1)
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1805)
CubeCart Improper Authentication Vulnerability (CVE-2014-2341)