Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2267 | 1 Ansel | 1 Ansel | 2024-11-20 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name. | |||||
CVE-2004-2266 | 1 Ansel | 1 Ansel | 2024-11-20 | 7.5 HIGH | N/A |
SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter. | |||||
CVE-2004-2203 | 1 Ansel | 1 Ansel | 2024-11-20 | 7.5 HIGH | N/A |
Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories. |