ZenPhoto 1.4.8: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution

  • Vulnerability: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution
  • Affected Software: ZenPhoto
  • Affected Version: 1.4.8 (probably also prior versions)
  • Patched Version: 1.4.9
  • Risk: Medium
  • Vendor Contacted: 2015-05-18
  • Vendor Fix: 2015-07-09
  • Public Disclosure: 2015-07-10

ZenPhoto is an open-source CMS written in PHP with a focus on hosting images. There are multiple vulnerabilities in version 1.4.8, including SQL injection and XSS vulnerabilities.

Continue