Filtered by vendor Picuploader Project
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-41442 | 1 Picuploader Project | 1 Picuploader | 2024-11-21 | 6.1 Medium |
PicUploader v2.6.3 was discovered to contain cross-site scripting (XSS) vulnerability via the setStorageParams function in SettingController.php. | ||||
CVE-2022-36748 | 1 Picuploader Project | 1 Picuploader | 2024-11-21 | 6.1 Medium |
PicUploader v2.6.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /master/index.php. | ||||
CVE-2024-44796 | 2 Picuploader Project, Xiebruce | 2 Picuploader, Picuploader | 2024-09-06 | 8 High |
A cross-site scripting (XSS) vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter. |
Page 1 of 1.