Vulnerabilities > Yabsoft > Advanced Image Hosting Script > 2.3

DATE	CVE	VULNERABILITY TITLE	RISK
2012-11-26	CVE-2012-6039	SQL Injection vulnerability in Yabsoft Advanced Image Hosting Script 2.3 SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter. network low complexity yabsoft CWE-89	7.5
2009-12-10	CVE-2009-4266	Cross-Site Scripting vulnerability in Yabsoft Advanced Image Hosting Script 2.2/2.3 Cross-site scripting (XSS) vulnerability in search.php in YABSoft Advanced Image Hosting (AIH) Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter. network yabsoft CWE-79	4.3
2009-03-20	CVE-2009-1032	SQL Injection vulnerability in Yabsoft Advanced Image Hosting Script 2.3 SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter. network low complexity yabsoft CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.