cve/CVE-2015-5592.md at master - cve - Gitea: Git with a cup of tea

0xMarcio/cve

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

658 B

Raw Permalink Blame History

CVE-2015-5592

Description

Incomplete blacklist in sanitize_string in Zenphoto before 1.4.9 allows remote attackers to conduct cross-site scripting (XSS) attacks.

POC

Reference

http://packetstormsecurity.com/files/132667/ZenPhoto-1.4.8-XSS-SQL-Injection-Traversal.html

Github

No PoCs found on GitHub currently.