Filtered by vendor Jake Olefsky Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-4260 1 Jake Olefsky 1 Fotopholder 2024-11-21 N/A
Directory traversal vulnerability in index.php in Fotopholder 1.8 allows remote attackers to read arbitrary directories or files via a .. (dot dot) in the path parameter.
CVE-2006-4259 1 Jake Olefsky 1 Fotopholder 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in index.php in Fotopholder 1.8 allows remote attackers to inject arbitrary web script or HTML via the path parameter. NOTE: this might be resultant from a directory traversal vulnerability.