Vulnerabilities (CVE)

Filtered by vendor Availscript Subscribe
Filtered by product Availscript Photo Album
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4370 1 Availscript 1 Availscript Photo Album 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Availscript Photo Album allow remote attackers to inject arbitrary web script or HTML via the (1) sid parameter to pics.php and the (2) a parameter to view.php.
CVE-2008-4369 1 Availscript 1 Availscript Photo Album 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter.