Vulnerabilities > Silisoftware > Phpthumb > 1.7.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-05-21 | CVE-2012-2910 | Cross-Site Scripting vulnerability in Silisoftware PHPthumb() 1.7.11 Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware phpThumb() 1.7.11 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter to demo/phpThumb.demo.random.php or (2) title parameter to demo/phpThumb.demo.showpic.php. | 4.3 |