Vulnerabilities > Availscript > Availscript Photo Album
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-10-01 | CVE-2008-4370 | Cross-Site Scripting vulnerability in Availscript Photo Album Multiple cross-site scripting (XSS) vulnerabilities in Availscript Photo Album allow remote attackers to inject arbitrary web script or HTML via the (1) sid parameter to pics.php and the (2) a parameter to view.php. | 4.3 |
| 2008-10-01 | CVE-2008-4369 | SQL Injection vulnerability in Availscript Photo Album SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter. | 7.5 |