Vulnerabilities > Silisoftware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-21 | CVE-2012-2911 | Cross-Site Scripting vulnerability in Silisoftware Backupdb() 1.2.7A Cross-site scripting (XSS) vulnerability in backupDB.php in SiliSoftware backupDB() 1.2.7a allows remote attackers to inject arbitrary web script or HTML via the onlyDB parameter. | 4.3 |
2012-05-21 | CVE-2012-2910 | Cross-Site Scripting vulnerability in Silisoftware PHPthumb() 1.7.11 Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware phpThumb() 1.7.11 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter to demo/phpThumb.demo.random.php or (2) title parameter to demo/phpThumb.demo.showpic.php. | 4.3 |
2010-04-29 | CVE-2010-1598 | Improper Input Validation vulnerability in Silisoftware PHPthumb() 1.7.9 phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed, allows remote attackers to execute arbitrary commands via the fltr[] parameter, as discovered in the wild in April 2010. | 6.8 |