1.7.6

DATE	CVE	VULNERABILITY TITLE	RISK
2009-07-08	CVE-2009-2380	Cross-Site Scripting vulnerability in 4Homepages 4Images Cross-site scripting (XSS) vulnerability in includes/functions.php in 4images 1.7 through 1.7.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the url variable. network 4homepages CWE-79	4.3
2009-06-19	CVE-2009-2131	Cross-Site Scripting vulnerability in 4Homepages 4Images Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML by providing a crafted user_homepage parameter to member.php, and then posting a comment associated with a picture. network 4homepages CWE-79	3.5