Vulnerabilities > Ifoto
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-30 | CVE-2007-4092 | Directory Traversal vulnerability in iFoto Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. | 5.0 |
2006-06-13 | CVE-2006-3006 | Cross-Site Scripting vulnerability in Ifoto 0.20 Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter. network ifoto | 4.3 |