Vulnerabilities > Imagevue

DATE CVE VULNERABILITY TITLE RISK
2008-03-10 CVE-2008-1273 Cross-Site Scripting vulnerability in Imagevue 1.7
Multiple cross-site scripting (XSS) vulnerabilities in imageVue 1.7 allow remote attackers to inject arbitrary web script or HTML via the path parameter to (1) popup.php, (2) test/dir2.php, (3) admin/upload.php, and (4) dirxml.php in upload/.
network
imagevue CWE-79
4.3
2006-02-15 CVE-2006-0703 Multiple vulnerability in Imagevue 0.16.1
Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter.
network
imagevue
4.3
2006-02-15 CVE-2006-0702 Multiple vulnerability in Imagevue 0.16.1
admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via ..
network
low complexity
imagevue
5.0
2006-02-15 CVE-2006-0701 Multiple vulnerability in Imagevue 0.16.1
readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters.
network
low complexity
imagevue
5.0
2006-02-15 CVE-2006-0700 Permissions, Privileges, and Access Controls vulnerability in Imagevue 0.16.1
imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions.
network
low complexity
imagevue CWE-264
5.0